Russian Hackers Stole Thousands of Emails From the State Department

Whistleblower accuses Ubiquiti of massively downplaying 'catastrophic' security incident, Amazon security pro confused company's bungled anti-union campaign with outsider hack, more

Keep your full organization informed on the top cybersecurity news of the day with a significantly discounted bulk subscription to Metacurity. Please email us at info@metacurity.com or click below!

Get 50% off for 1 year

According to congressional sources, Russian hackers stole thousands of emails from the State Department’s Bureau of European and Eurasian Affairs and Bureau of East Asian and Pacific Affairs in the second known Kremlin-backed breach on the Department.

It’s not clear if the email thefts were part of the massive SolarWinds breach, which many organizations have attributed to Russia. (Betsy Woodruff Swan and Natasha Bertrand / Politico)

Related: New York PostRoll CallTechradarThreatpostComputing.co.uk

An inside cybersecurity professional at cloud-enabled IoT vendor Ubiquiti accused the company of massively downplaying a “catastrophic” incident to minimize any hit to its stock price. The insider also says that the company concocted details about a breach involving a third-party cloud provider that had exposed customer account credentials.

In a letter to the European Data Protection Supervisor, the whistleblower wrote, “The breach was massive, customer data was at risk, access to customers’ devices deployed in corporations and homes around the world was at risk.” (Brian Krebs / Krebs on Security)

Related: SlashGear » securitySlashdot

Researchers at Awake Labs say that the Hades ransomware gang, which appears to use multiple nation-state tools and techniques, is possibly related to Hafnium, which is a Chinese government-backed threat group that compromised Microsoft Exchange servers.

Countering Awake’s claims, some industry researchers say that the Hades gang was merely leveraging the web shells left behind by Hafnium. (Tara Seals / Threatpost)

Related: TechTarget, Awake

Amazon’s recently bungled anti-union PR campaign, which relied on fake Twitter personalities, was so bad that a security engineer filed a suspicious activity report, believing that Amazon’s social media account had been hacked.

The laughably amateur tweets “are unnecessarily antagonistic (risking Amazon’s brand) and may be a result of unauthorized access,” the engineer said in writing up a trouble ticket inside the company. (Jason Del Rey / Recode)

Related: Chicago Sun-Times - AllCNBC TechnologyHotHardware.comScoop NZLaw & Disorder – Ars TechnicaDaily Dot, The Intercept

Researcher Douglas Leith from Trinity College suggests that while both iOS and Android collect handset data from users, the Google mobile OS collects about 20 times as much data as its Apple competitor.

His research shows that in the US, Android collectively gathers about 1.3TB of data every 12 hours., while iOS collects about 5.8GB. (Dan Goodin / Ars Technica)

Related: Lifehacker9to5GoogleReddit - cybersecurityiMore9to5MacAppleInsider

The IRS is warning educational institutions of ongoing phishing attacks that impersonate the agency.

The attacks use tax refund payment baits and mainly focus on universities' staff and students with .edu email addresses. (Sergiu Gatlan / Bleeping Computer)

Related: Associated Press Technology, IRS.gov

Google is rolling out as a developer origin trial its Federated Learning of Cohorts (FLoC), an alternative to cookies that is a crucial part of its Privacy Sandbox project for Chrome.

The trial will start in the U.S., Australia, Brazil, Canada, India, Indonesia, Japan, Mexico, New Zealand, and the Philippines. (Frederic Lardinois / TechCrunch)

Related: Big News NetworkAndroid Central9to5Googlexda-developers

VMware has published security updates to address a high severity vulnerability in vRealize Operations that could allow attackers to steal admin credentials after exploiting vulnerable servers.

VMware has also published workaround instructions for organizations that can't immediately patch servers running vulnerable vRealize Operations versions. (Sergiu Gatlan / Bleeping Computer)

Related: Security Affairs

Cybersecurity training start-up Living Security has raised $14 million in a Series B financing round.

Washington, D.C. based-Updata Partners led the financing, which also included participation from existing investors Silverton Partners, Active Capital, Rain Capital, and SaaS Venture Partners. (Mary Ann Azevedo / TechCrunch)

Related: ExtremeTechTechCrunch Security

Phillipe Christodoulou is angry at Apple for allowing a fake Trezor app to be posted in its app store that ultimately allowed criminal actors to steal $600,000 worth of his bitcoin.

Trezor is a small hardware device or wallet used to store cryptocurrency. Trezor says it has been notifying Apple and Google for years about fake apps posing as a Trezor product to scam its customers.  Apple has so far offered no details on how the fake app made its way onto its store, which has been touted as far more secure than the Google Play Store. (Reed Albergotti / Washington Post)

Related: Security News | Tech TimesMacRumorsWCCFtechiMore

Photo by Vitolda Klein on Unsplash