New APT Group Launches Rare Espionage Attacks Against Industrial Targets

UK Parliament committee says Huawei colludes with the Chinese government, Apple pays researchers nearly $300K for finding bugs in online platform, Facebook launches bug bounty loyalty program and more

Researchers from Kaspersky Lab have uncovered an APT group called MontysThree that has launched a series of espionage attacks against industrial targets in a campaign that dates back to 2018. Kaspersky says that espionage of government and business targets is common, although these kinds of spying attacks on industrial targets are rare. The group uses a toolset that it calls MT3, which consists of separate modules, including a loader which obfuscates itself using steganography, making it hard to detect the group’s activities. (Tara Seals / Threatpost)

Related: Kaspersky Lab official blog, Securelist

UK Parliament Defense Committee Says There is ‘Clear Evidence’ Huawei Colludes with China’s Communist Party

The UK Parliament’s defense committee issued a report on Huawei and 5G concluding that there is “clear evidence of collusion” between Huawei and the Chinese Communist Party. The report did not offer any evidence of the spying but simply outlined the structural links between the government and the country’s top telecom tech provider. The report said that Britain may need to remove all Huawei equipment from its 5G infrastructure sooner than the 2027 deadline ordered by British Prime Minister Boris Johnson in July. (Reuters)

Related: Techradar, Silicon UK, Fortune, Forbes, Fars News Agency, RT News, The Register

Apple Paid Five Researchers $288,500 for Finding Bugs Across Its Online Platform

Five hackers researched and analyzed several Apple online services for three months and found a grand total of 55 vulnerabilities, some of them potentially very dangerous. Apple has paid the hackers a reward of $288,500 for 32 of those vulnerabilities. One of the worst bugs could have let criminals create a worm that would automatically steal all the photos, videos, and documents from someone's iCloud account. (Lorenzo Franceschi-Bicchierai / Motherboard)

Related: Sam Curry

New ‘Global Privacy Control’ Spec Aims to Achieve What ‘Do Not Track’ Did Not Accomplish

A new specification called Global Privacy Control has been developed by privacy researcher Ashkan Soltani to accomplish what the Do Not Track initiative attempted but failed to do, namely allow users to reclaim their privacy on the web. It has been developed to support the global privacy requirements in the California Consumer Privacy Act (CCPA), although it’s extensible to other privacy laws such as the General Data Protection Regulation (GDPR) in Europe. So far, the makers of the Brave and DuckDuckGo browsers are the only browser developers who have committed to adopting the GPC. (Dan Goodin / Ars Technica)

Related: TechNadu

Attackers Exploit Trump’s COVID-19 Illness With Phishing Campaign

A phishing campaign that delivers a network-compromising backdoor seeks to capitalize on Donald Trump’s COVID-19 illness by promising to deliver inside information on the state of his health, researchers at Proofpoint discovered. Users who click on a download link get the BazarLoader backdoor trojan, believed to be created by the notorious TrickBot gang, which gives threat actors backdoor access to the victims’ computers. (Lawrence Abrams / Bleeping Computer)

Related: The State of Security, Komando.com

New Mobile Ransomware MalLocker.B Locks Screens on User Devices

A new strain of mobile ransomware, called AndroidOS/MalLocker.B, abuses the mechanisms behind the "incoming call" notification and the "Home" button to lock screens on users' devices, takes over the phone, and prohibits the users from dismissing the ransom note, Microsoft researchers report. Like most Android ransomware, MalLocker.B doesn’t actually encrypt files but does prevent user access to the rest of the phone. (Catalin Cimpanu / ZDNet)

Related: Microsoft Security Blog

Facebook Launches Loyalty Program for Bug Bounty Hunters

Facebook is launching a loyalty program for its bug bounty hunters along with a description of the standard process for reporting bugs called The Facebook Bug Description Language (FBDL). The loyalty program is called Hacker Plus, a program that offers performance-based rewards, including bonuses, all-expenses-paid trips to special events, and early access to stress-test new products and features. (Paul Sawers / Venture Beat)

Related: Facebook, The Next Web, ZDNet

Other Infosec Developments

  • Equipment from U.S.-based surveillance tech company Sandvine, which is owned by the private equity firm Francisco Partners, has been used to censor the internet in more than a dozen countries in recent years, according to three current and five former employees, as well as company documents. Those sources say that Sandvine’s technology has been used to filter news and social media websites and messaging apps. Sandvine says that its technology, which incorporates blocking and filtering technology, is used to manage Internet traffic and protect users from illicit and illegal activity. (Ryan Gallagher / Bloomberg)

  • Membership-only retail warehouse club Sam's Club has over the past two weeks sent automated password reset emails and security notifications to customers who were hacked in credential stuffing attacks. The company is alerting members that an unauthorized party may have gained access to their accounts. (Ax Sharma / Bleeping Computer)

Podcast of the Day

HBO documentary series Agents of Chaos, co-directed by Alex Gibney and Javier Botero, focuses on the turmoil of the 2016 election, including the Russian spies, Wikileaks, 2.0 that were part of the “clusterf*ck of gargantuan proportions.” Botero joins Motherboard’s Cyber podcast to talk about the chaos of 2016 and what legacy it has left America. Take a listen - it’s worth it.
