Russian cyberspies targeted the Slovak government for months
therecord.media/russian-cyberspies-targeted-slovak-government-for-months/ A Russian cyber-espionage group linked to one of Russia’s intelligence forces has targeted the Slovak government for months, Slovak security firms ESET and IstroSec said this week. The attacks were attributed to a group known as the Dukes, Nobelium, or APT29, which cyber-security agencies from the US and other countries formally linked to the Russian Foreign Intelligence Service, also known as the SVR, earlier this year after its attack on software company SolarWinds.
Scanning for Microsoft Exchange eDiscovery
isc.sans.edu/forums/diary/Scanning+for+Microsoft+Exchange+eDiscovery/27748/ In the past week, I have noticed more scans looking for the following Exchange URL over port 443: /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application. Based on this graph, these scans started almost immediately (17 April 2021) after April Patch Tuesday and are still ongoing today.
Workers increasingly steal company data during ‘turnover tsunami’
www.ft.com/content/a7a2b5c4-1653-4364-84c1-c322c5b56745 Employees are taking sensitive computer code from their own companies at three times the rate they were a year ago, according to new research into so-called insider threats, as record numbers of disgruntled workers quit their jobs with pandemic restrictions easing. An analysis of data of 700,000 company devices by the cyber security group Code42 found that there were about 65m attempts made by staff to exfiltrate source code from their corporate network in the three months to the end of June, up from about 20m in each of the previous three quarters.
Emails from Lithuanian Ministry of Foreign Affairs for sale on data-trading forum
www.bleepingcomputer.com/news/security/emails-from-lithuanian-ministry-of-foreign-affairs-for-sale-on-data-trading-forum/ The Lithuanian Ministry of Foreign Affairs has declined to comment about the authenticity of email files allegedly stolen from its network and offered for sale on a data-trading forum. The cache supposedly consists of 1.6 million emails containing conversations and documents marked as sensitive and highly sensitive in nature.
Indra Group Attack on Iran Highlights the Threats to Global Critical Infrastructure
blog.checkpoint.com/2021/08/14/indra-group-attack-on-iran-highlights-the-threats-to-global-critical-infrastructure/ Check Point Research (CPR) warns governments everywhere of the importance of protecting critical infrastructure, as it learns that the July 9 cyber attack on Iran’s train system was carried out by Indra, a group that identifies itself as regime opposition and has the capability to wipe out data without direct means for recovery.