Newsletters

Written content from the Risky Business Media team

Risky Biz News: After botched comms, there's now a timeline for the Azure mandatory MFA rollout

Catalin Cimpanu

News Editor

After making a mess of its comms earlier this year in May, Microsoft has published a more detailed timeline about its plan to enforce multi-factor authentication for all users accessing Azure and other admin portals.

The company says that by October this year, MFA will be required to access the Azure portal, Microsoft Entra admin center, and Intune admin center.

Admins will receive emails and notifications in the Azure Service Health portal to enable MFA for their accounts or face losing access to their paid services.

Risky Biz News: Hardware backdoors found in Chinese key cards

Catalin Cimpanu

News Editor

A security researcher has discovered secret hardware backdoors in RFID key cards manufactured by a major Chinese company.

The backdoors can allow threat actors to clone affected smart cards within minutes and access secure areas.

They impact smart cards manufactured by Chinese company Shanghai Fudan Microelectronics that were built using MIFARE Classic chips from NXP.

Risky Biz News: Ransom campaign hits cloud servers

Catalin Cimpanu

News Editor

A threat actor is hacking and extorting companies that have misconfigured their cloud server infrastructure.

The data extortion campaign has been taking place since earlier this year and involves a large-scale scan of the internet for companies that have exposed their environment variable files.

Also known as .ENV, these files are used by multiple software solutions as a centralized location for storing configuration data.

Fool Me Once... Iran's Hack and Leak Falls Flat

Tom Uren

Policy & Intelligence

In sharp contrast to events during the 2016 US presidential election campaign, an apparent hack and leak operation targeting the Trump campaign is being treated responsibly by America’s mainstream media. 

For us, 'responsible' behaviour means verifying the documents, assessing the material's newsworthiness, and giving readers context of the potential operation.    

On Saturday, after being approached by news outlet Politico with leaked documents, the Trump campaign claimed it had been hacked in an attempt to interfere with the 2024 election. 

Risky Biz News: FBI seizes Dispossessor ransomware servers

Catalin Cimpanu

News Editor

US officials have seized server infrastructure linked to a data extortion group known as Dispossessor and RADAR.

Officials from the DOJ and FBI have seized nine domains and 24 servers linked to the gang's operations.

A criminal complaint was also filed against an individual going by the hacker pseudonym of "Brain," who officials believe is based out of Europe, possibly Poland.

Risky Biz News: Trump campaign points finger at Iranian hackers for documents leak

Catalin Cimpanu

News Editor

The Trump campaign claims it was hacked by Iran after a trove of sensitive documents was leaked to Politico at the end of July.

The news outlet says it received the documents from an individual using the name Robert and an AOL email address.

The documents allegedly contained vetting materials pertaining to J.D. Vance and Marco Rubio, which were compiled by the Trump team as part of the Vice President nomination process. The documents are allegedly part of a larger collection of files stolen from the campaign.

Risky Biz News: State Dept puts $10 million bounty on IRGC-CEC hackers

Catalin Cimpanu

News Editor

The US State Department is offering a $10 million reward for any information on six Iranians behind Cyber Av3ngers, an Iranian hacktivist group that has repeatedly attacked critical infrastructure across the US and other countries.

The six were identified as members of an Iranian cyber unit known as the Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC).

The six were sanctioned by the US Treasury in February this year, but this marks the first time the US has formally linked the six to the Cyber Av3ngers persona.

America's Leaky Data Rattles the US Intelligence Community

Tom Uren

Policy & Intelligence

The US intelligence community is seriously concerned about the foreign intelligence risks that stem from its porous data ecosystem, according to the newly released 2024 US National Counterintelligence Strategy.

The 2024 strategy calls for robust action to counter what it calls foreign intelligence entities (FIEs). It describes an "unprecedented" array of threats:

It says that the PRC and Russia represent the most significant threats and that:

Risky Biz News: Ransomware attack hits Olympic venues

Catalin Cimpanu

News Editor

A ransomware attack has hit the IT systems of the French national museum network, crippling financial systems at over 40 museums, including two that were repurposed to host two Olympic events.

The attack hit over the weekend and took down an IT system that was aggregating financial data from Réunion des Musées Nationaux (RMN), an organization under the French Ministry of Culture that manages museums around Paris, including the Louvre.

The incident also impacted Grand Palais and the Château de Versailles, two museums hosting events for the Paris 2024 Olympics.

Risky Biz News: Crypto-wallet service seized for helping ransomware gangs launder stolen funds

Catalin Cimpanu

News Editor

German and US authorities have seized a crypto-wallet service named Cryptonator on charges of money laundering and operating an unlicensed money service business.

The service allowed individuals to set up crypto-wallet funds that could receive and send funds from and to any type of blockchain service, effectively operating as a "personal cryptocurrency exchange" for each customer.

Officials say Cryptonator failed to implement anti-money laundering protections and knowingly allowed its service to be used for illegal activities.