Poland’s government attributes misinformation about a bogus radiation threat to Russia, the Washington Post reports. The disinformation was spread through hijacked Polish government websites.
The FBI’s Internet Crime Report for 2020 is out. Losses to all varieties of Internet crime were high, officially a bit north of $4.2 billion
The US House Energy and Commerce Committee yesterday pressed Federal agency leaders on the scope of Holiday Bear’s compromise of SolarWinds, theHill reports. A parallel Senate inquiry suggests, according to CSO, that US organizations are generally unprepared for such supply chain attacks. The Washington Post describes how the Senate Homeland Security Committee’s investigation will continue today with an inquiry into how such attacks might be prevented.
Deputy National Security Advisor for Cyber Neuberger outlined the Federal response to the various campaigns, both criminal and state-directed, against vulnerable Microsoft Exchange Server instances. Domain Tools’ Joe Slowik tweeted an interesting graphic that summarizes the known and suspected threat actors involved in Exchange Server exploitation. It divides the actors’ operations into “initial exploitation,” “pre-disclosure share,” “immediate opportunistic exploitation,” and “lagging opportunistic exploitation.”
Two crypters—modules that help malware evade detection—receive scrutiny from researchers. Avast has released its study of OnionCrypter, and Morphisec has an account of Hcrypt, an…