Lawfare Blog: How to Fight Foreign Hackers With Civil Litigation

Lawfare Blog: How to Fight Foreign Hackers With Civil Litigation. “Since 2010, Microsoft alone has won court orders to seize command and control (C2) servers and sinkhole malicious traffic in 24 cases, seizing a total of more than 16,000 malicious domains. Mechanically, these cases work a lot like the Justice Department’s botnet takedowns: Both entities compile evidence that particular domains are being used to control botnets and use that evidence to obtain court orders requiring U.S.-based domain registries to redirect those domains to servers controlled by the entity that sought the order, among other possible court-authorized remedies.”

Krebs on Security: DEA Investigating Breach of Law Enforcement Data Portal

Krebs on Security: DEA Investigating Breach of Law Enforcement Data Portal. “The U.S. Drug Enforcement Administration (DEA) says it is investigating reports that hackers gained unauthorized access to an agency portal that taps into 16 different federal law enforcement databases. KrebsOnSecurity has learned the alleged compromise is tied to a cybercrime and online harassment community that routinely impersonates police and government officials to harvest personal information on their targets.”

Washington Post: Russian government websites face ‘unprecedented’ wave of hacking attacks, ministry says

Washington Post: Russian government websites face ‘unprecedented’ wave of hacking attacks, ministry says. “Russian government websites and state-run media face an ‘unprecedented’ wave of hacking attacks, the government said Thursday, prompting regulators to filter traffic coming from abroad. In a statement, the Ministry of Digital Development and Communications said the attacks were at least twice as powerful as any previous ones. It did not elaborate on what filtering measures had been implemented, but in the past, this has often meant barring Russian government websites to users abroad.”

Homeland Security Today: Anonymous Information Warfare Intensifies with 7 Million Text Messages to Russians, New Email Campaign

Homeland Security Today: Anonymous Information Warfare Intensifies with 7 Million Text Messages to Russians, New Email Campaign. “Anonymous programmers Squad303 created a tool last week that allows non-hackers to make a positive contribution to ‘the largest and most successful cyber operation in the history of the world.’ Within 48 hours of releasing the 1920.in tool, the group reported on Twitter that ‘the people of the free world sent the Russians 2 million text messages’ warning that the people of Russia would suffer as a result of nations’ response to Vladimir Putin’s aggression and that they need to know the truth about his unprovoked war. By Tuesday, that volume had hit 5 million and was rapidly climbing.”

CNET: Microsoft seizes multiple websites from Chinese hacking group

CNET: Microsoft seizes multiple websites from Chinese hacking group. “Microsoft on Monday said that its digital crime unit obtained authorization from a federal court to seize multiple websites a Chinese hacking group was using to target organizations in the US and 28 other countries. The hacking group, dubbed Nickel, was using the sites to execute attacks ‘for intelligence gathering from government agencies, think tanks and human rights organizations,’ Microsoft said in a blog post.”

AFP: Hackers Targeted Afghan Officials on Facebook Amid Taliban Offensive

AFP: Hackers Targeted Afghan Officials on Facebook Amid Taliban Offensive. “Facebook revealed Tuesday it had worked to block a hacker group that targeted the accounts of people tied to Afghanistan’s then-government and security forces as the Taliban was moving in to take power. The Pakistan-based group, known as SideCopy, used ‘romantic lures’ from what appeared to be young women on the platform to try to trick the targets into giving the hackers access to their pages.”

MIT Technology Review: Hackers are stealing data today so quantum computers can crack it in a decade

MIT Technology Review: Hackers are stealing data today so quantum computers can crack it in a decade. “While they wrestle with the immediate danger posed by hackers today, US government officials are preparing for another, longer-term threat: attackers who are collecting sensitive, encrypted data now in the hope that they’ll be able to unlock it at some point in the future. The threat comes from quantum computers, which work very differently from the classical computers we use today.”

The Hacker News: Hacker Wanted in the U.S. for Spreading Gozi Virus Arrested in Colombia

The Hacker News: Hacker Wanted in the U.S. for Spreading Gozi Virus Arrested in Colombia. “Colombian authorities on Wednesday said they have arrested a Romanian hacker who is wanted in the U.S. for distributing a virus that infected more than a million computers from 2007 to 2012. Mihai Ionut Paunescu (aka ‘Virus’), the individual in question, was detained at the El Dorado airport in Bogotá, the Office of the Attorney General of Colombia said.”

Seattle Times: US looking into possible computer hacks of federal agencies

Seattle Times: US looking into possible computer hacks of federal agencies. “Hackers got into computers at the U.S. Treasury Department and possibly other federal agencies, touching off a government response involving the National Security Council. Security Council spokesperson John Ullyot said Sunday that the government is aware of reports about the hacks. ‘We are taking all necessary steps to identify and remedy any possible issues related to this situation,’ he wrote in an email.”

ComputerWorld: Windows hackers target COVID-19 vaccine efforts

ComputerWorld: Windows hackers target COVID-19 vaccine efforts. “I’ve written before about how during the coronavirus pandemic, hackers have increasingly exploited Windows vulnerabilities to trick people into downloading malware and ransomware to get fast, easy money. With a recent upsurge of attacks, things are getting worse. And this time around it’s different — people may die from COVID-19 because of the attacks.”

ABC News: DOJ announces charges against 6 Russian military officers allegedly involved in hacking, malware operations

ABC News: DOJ announces charges against 6 Russian military officers allegedly involved in hacking, malware operations. “The indictment specifically accuses the six alleged hackers of engaging in computer intrusions ‘intended to support Russian government efforts to undermine, retaliate against or otherwise destabilize’ Ukraine, Georgia, elections in France, the 2018 PyeongChang Olympic Games and international efforts to hold Russia accountable for its use of the nerve agent Novichok on foreign soil.”

CNBC: Hackers look to buy brokerage log-ins on the dark web with Robinhood fetching highest prices

CNBC: Hackers look to buy brokerage log-ins on the dark web with Robinhood fetching highest prices. “As a new generation of investors flock to the stock market, criminals are looking for ways to exploit them. Hackers have turned to the dark web, where log-ins for accounts at major brokerage firms are listed for sale, according to security analysts and listings seen by CNBC.”

CNN: Microsoft takes down massive hacking operation that could have affected the election

CNN: Microsoft takes down massive hacking operation that could have affected the election. “Microsoft has disrupted a massive hacking operation that it said could have indirectly affected election infrastructure if allowed to continue. The company said Monday it took down the servers behind Trickbot, an enormous malware network that criminals were using to launch other cyberattacks, including a strain of highly potent ransomware.”