CyberScoop

CISA alert draws attention to spyware’s targeting of messaging apps The agency’s brief notice also directed messaging app users to advice on how to protect themselves.

The agency’s brief notice also directed messaging app users to advice on how to protect themselves. via @timstarks.bsky.social cyberscoop.com/cisa-alert-d...

This campaign aims to tackle persistent security myths in favor of better advice Hacklore.org launches to debunk common cybersecurity myths and promote advice that actually keeps people safe online.

Hacklore.org includes the launch of a website and a letter signed by more than 80 cybersecurity professionals. via @timstarks.bsky.social cyberscoop.com/hacklore-org...

YouTube video by FedScoop Why Anna Gomez believes the FCC is letting telecoms off easy after Salt Typhoon

Commissioner Gomez told CyberScoop the agency is poised to eliminate “the only meaningful regulatory response to Salt Typhoon that I have seen.” via @derekbjohnson.bsky.social www.youtube.com/watch?v=tit7... | cyberscoop.com/fcc-cybersec...

AI-Powered Espionage Will Favor China The latest edition of the Seriously Risky Business cybersecurity newsletter, now on Lawfare.

Thanks to @tom.risky.biz, the Seriously Risky Business Newsletter and @lawfaremedia.org for citing our reporting on the Anthropic/China AI report.

YouTube video by FedScoop Sen Mark Warner warns of cyber consequences of Trump admin national security firings, politicization

Sen. Mark Warner, D-Va., said the Trump administration is leaving the nation vulnerable at a time of rising threats in cyberspace. via @timstarks.bsky.social www.youtube.com/watch?v=ZZJQ... | cyberscoop.com/top-senate-i...

Privacy group sues feds over talks with tech companies on ICE raid trackers The Electronic Frontier Foundation is suing four federal agencies for records of their communications with Meta, Apple, and Google regarding the removal of apps and websites that tracked ICE activity.

The lawsuit concerns the removal of apps like ICEBlock, Red Dot and DeICER from online playstores that provide real-time tracking of immigration raids. via @derekbjohnson.bsky.social cyberscoop.com/eff-sues-gov...

Top Senate Intel Dem warns of ‘catastrophic’ cyber consequences of Trump admin national security firings, politicization Mark Warner of Virginia chastised the president over what he called the politically-motivated personnel decisions that he said jeopardized national security, including layoffs of one-third of the work...

Sen. Mark Warner, D-Va., said the Trump administration is leaving the nation vulnerable at a time of rising threats in cyberspace. via @timstarks.bsky.social cyberscoop.com/top-senate-i...

SEC drops case against SolarWinds tied to monumental breach The SEC on Thursday dropped its case against SolarWinds and its chief information security officer over its handling of an alleged Russian cyberespionage campaign uncovered in 2020.

The SEC on Thursday dropped its case against SolarWinds and its CISO over its handling of an alleged Russian cyberespionage campaign uncovered in 2020, an incident that penetrated at least nine federal agencies and hundreds of companies. via @timstarks.bsky.social cyberscoop.com/sec-drops-ca...

Hundreds of Salesforce customers hit by yet another third-party vendor breach The widespread compromise is strikingly similar to a previous attack that originated at Salesloft Drift.

The widespread compromise is strikingly similar to a previous attack that originated at Salesloft Drift. via @mattkapko.com cyberscoop.com/salesforce-g...

NSO Group argues WhatsApp injunction threatens existence, future U.S. government work The spyware vendor made those two arguments, among others, in a motion to stay the California court ruling.

The spyware vendor made those two arguments, among others, in a motion to stay the California court ruling. via @timstarks.bsky.social cyberscoop.com/nso-group-wh...

NSO Group argues WhatsApp injunction threatens existence, future U.S. government work The spyware vendor made those two arguments, among others, in a motion to stay the California court ruling.

According to NSO Group, enforcing the injunction would cause irreparable harm to its business and prevent the U.S. government from using its products.

✍️ @timstarks.bsky.social

cyberscoop.com/nso-group-wh...

Amazon warns of global rise in specialized cyber-enabled kinetic targeting The company said the boundaries between cyber and physical attacks are dissolving as nation-states use network intrusions to aid military targeting in real time.

The company said the boundaries between cyber and physical attacks are dissolving as nation-states use network intrusions to aid military targeting in real time. via @mattkapko.com cyberscoop.com/amazon-cyber...

Five Eyes just made life harder for bulletproof hosting providers An international effort sanctioned Russia-based Media Land and took action against companies and people who helped Aeza Group evade previously issued sanctions.

Thanks to @mattkapko.com for including my comments on Bullet Proof Hosting sanctions in this piece for @cyberscoop.bsky.social

Five Eyes just made life harder for bulletproof hosting providers An international effort sanctioned Russia-based Media Land and took action against companies and people who helped Aeza Group evade previously issued sanctions.

An international effort sanctioned Russia-based Media Land and took action against companies and people who helped Aeza Group evade previously issued sanctions. via @mattkapko.com cyberscoop.com/bulletproof-...

Palo Alto Networks to acquire observability firm Chronosphere for $3.35 billion Palo Alto Networks announced Wednesday it will acquire Chronosphere, a cloud observability platform, for $3.35 billion in cash and equity.

The cybersecurity giant's move into observability reflects how AI workloads are blurring lines between security and operations. via @gregotto.bsky.social cyberscoop.com/palo-alto-ne...

Why Anna Gomez believes the FCC is letting telecoms off easy after Salt Typhoon In an interview, the lone dissenting voice on the panel, Commissioner Anna Gomez, told CyberScoop that rescinding the rules would let telecoms off the hook for the cybersecurity lapses that enabled th...

Commissioner Gomez told CyberScoop the agency is poised to eliminate “the only meaningful regulatory response to Salt Typhoon that I have seen.” via @derekbjohnson.bsky.social cyberscoop.com/fcc-cybersec...

Information sharing law’s expiration could squander government vulnerability hunting efforts, senator says Senators caution that letting the cyber threat data sharing law expire could hinder vulnerability detection and information sharing between businesses, putting national security and corporate protecti...

The next steps for the law, now extended for a short time, are up in the air. via @timstarks.bsky.social cyberscoop.com/cyber-threat...

Hackers turn open-source AI framework into global cryptojacking operation Hackers are exploiting a critical vulnerability in Ray, an open-source AI framework, to launch widespread cryptojacking campaigns targeting exposed servers and high-value GPUs, security researchers wa...

Malicious hackers have been attacking the development environment of an open-source AI framework, twisting its functions into a global cryptojacking bot for profit, according to researchers at cybersecurity firm Oligo. via @derekbjohnson.bsky.social cyberscoop.com/ray-ai-crypt...

Completed draft of cyber strategy emphasizes imposing costs, industry partnership The forthcoming Trump administration cyber strategy will introduce six key pillars, emphasizing deterrence of cyber threats and enhanced industry partnerships, with action items and deliverables for U...

The national cyber director and a top FBI official shared more details about the forthcoming Trump administration document Tuesday. via @timstarks.bsky.social cyberscoop.com/trump-cyber-...

Fortinet’s delayed alert on actively exploited defect put defenders at a disadvantage The security vendor silently patched a vulnerability, but did not assign the flaw a CVE or publicly disclose its existence until 17 days later. By then, widespread attacks were already underway.

The security vendor silently patched a vulnerability, but did not assign the flaw a CVE or publicly disclose its existence until 17 days later. By then, widespread attacks were already underway. via @mattkapko.com cyberscoop.com/fortinet-del...

Dozens of groups call for governments to protect encryption The letter comes as countries in Europe have moved over the past year to regulate or mandate legalized access for criminal and national security investigations.

The letter comes as countries in Europe have moved over the past year to regulate or mandate legalized access for criminal and national security investigations. via @derekbjohnson.bsky.social cyberscoop.com/encryption-s...

Ah @cyberwarcon.bsky.social the only conference for intel ops research authored by the terminally online

Completed draft of cyber strategy emphasizes imposing costs, industry partnership The forthcoming Trump administration cyber strategy will introduce six key pillars, emphasizing deterrence of cyber threats and enhanced industry partnerships, with action items and deliverables for U...

by me: cyberscoop.com/trump-cyber-... @cyberscoop.bsky.social

China’s ‘autonomous’ AI-powered hacking campaign still required a ton of human work Anthropic and AI security experts told CyberScoop that behind the hype, effective AI-driven cyberattacks still require skilled humans, with the attack possibly done to send a message as what’s possibl...

ICYMI last week, @derekbjohnson.bsky.social discusses Anthropic's 'China AI' attack in @cyberscoop.bsky.social: 'China’s ‘autonomous’ AI-powered hacking campaign still required _a ton_ of human work' cyberscoop.com/anthropic-ai... @gate15.bsky.social

China’s ‘autonomous’ AI-powered hacking campaign still required a ton of human work Anthropic and AI security experts told CyberScoop that behind the hype, effective AI-driven cyberattacks still require skilled humans, with the attack possibly done to send a message as what’s possibl...

China’s ‘autonomous’ AI-powered hacking campaign still required a ton of human work by @derekbjohnson.bsky.social at @cyberscoop.bsky.social. cyberscoop.com/anthropic-ai...

DOJ lauds series of gains against North Korean IT worker scheme, crypto thefts Federal prosecutors secured five guilty pleas from people who supported overseas remote IT workers, and seized $15 million in stolen cryptocurrency tied to the North Korean regime.

Federal prosecutors secured five guilty pleas from people who supported overseas remote IT workers, and seized $15 million in stolen cryptocurrency tied to the North Korean regime. via @mattkapko.com cyberscoop.com/doj-north-ko...

China’s ‘autonomous’ AI-powered hacking campaign still required a ton of human work Anthropic and AI security experts told CyberScoop that behind the hype, effective AI-driven cyberattacks still require skilled humans, with the attack possibly done to send a message as what’s possibl...

Anthropic and AI security experts told CyberScoop that behind the hype, effective AI-driven cyberattacks still require skilled humans, with the attack possibly done to send a message as to show what’s possible. via @derekbjohnson.bsky.social cyberscoop.com/anthropic-ai...

Google, researchers see signs that Lighthouse text scammers disrupted after lawsuit The phishing kit Lighthouse, which has aided text scams like those soliciting victims to pay unpaid road tolls, appears to have been hampered shortly after Google filed a lawsuit aimed at its creators...

SecAlliance and Silent Push confirmed that the suspected Chinese operators of the phishing kit appear to have been affected. via @timstarks.bsky.social cyberscoop.com/lighthouse-t...

YouTube video by CyberScoop Washington Post confirms data on nearly 10,000 people stolen from its Oracle environment

The newspaper said a “bad actor” contacted the company in late September, prompting an investigation that nearly a month later confirmed the extent of compromise. via @mattkapko.com www.youtube.com/watch?v=DmHk... | cyberscoop.com/washington-p...

FBI calls Akira ‘top five’ ransomware variant out of 130 targeting US businesses Officials shared indicators of compromise observed as recently as this month to help organizations hunt for and defend against the ransomware group, which has pocketed $244 million as of late Septembe...

Officials shared indicators of compromise observed as recently as this month to help organizations hunt for and defend against the ransomware group, which has pocketed $244 million as of late September. via @mattkapko.com cyberscoop.com/akira-ransom...