The Netherlands Times reports that an investigation by Bitdefender (in cooperation with the radio news outlet Argos) has uncovered a large cyberespionage operation, apparently Iranian in origin, that has managed to establish its infrastructure in two Amsterdam data centers. The basic malware, “Foudre” (“lightning” in French), was identified in 2016 and has been active for about a decade. It has added new command-and-control capabilities as well as a new component, “Tonnerre” (“thunder”), for persistence, surveillance, and data exfiltration. The operation appears to target devices in the Netherlands, Germany, Sweden, and India.
Microsoft published what it calls its “final update” on Redmond’s internal investigation of Solorigate yesterday. They found no evidence that threat actors gained access to either production servers or customer data, and concluded that Microsoft systems weren’t used to attack third parties. They did find signs that intruders were able to inspect some code repositories for Azure cloud identity and security programs, for Exchange, and for Intune mobile management.
ESET reports that threat actors have begun to work on Apple’s new, month-old Silicon M1 Macs, the ones equipped with Apple’s in-house chips. Red Canary calls the “activity cluster” “Silver Sparrow,” and says it lacks a payload.
The Texas winter storms aren’t, of course, a cyber incident, but they may hold lessons for business continuity and recovery planning against the possibility of cyberattacks on power grids. In this case, according to the Wall Street Journal, a number of data centers have done fine, but the storm’s been harder on humans than machines.
Is your business affected by cyber crime?
If a cyber crime or cyber attack happens to you, you need to respond quickly. Cyber crime takes several forms, such as online identity theft, financial fraud, stalking, bullying, hacking, e-mail fraud, email spoofing, invoice fraud, email scams, banking scams, and CEO fraud. Cyber fraud can lead to major disruption and financial disasters. Contact Digitpol’s hotlines or respond to us online.
Digitpol’s Cyber Crime Investigation Unit provides investigative support to victims of cyber crimes. Digitpol is available 24/7. https://digitpol.com/cybercrime-investigation/
UK +44 20 8089 9944