Security News

Media in the San Francisco area are reporting the arrest of a notorious former resident who allegedly skipped bail on hacking charges. Anonymous is perhaps best described as "a hacking group that wasn't" - a moniker that could be, and was, claimed by almost anyone with an internet axe to grind.

America's largest propane provider, AmeriGas, has disclosed a data breach that lasted ephemerally but impacted 123 employees. This month's data breach was reported by the propane giant to the Office of the New Hampshire Attorney General.

The REvil ransomware gang, thought to be behind an attack on meat producer JBS which netted an impressive $11m payoff, has found another victim. Described as a "a small, veteran-owned consulting firm focused on managing advanced technologies and concepts with strong potential for military and space applications," Sol Oriens' links to the US nuclear weapons programme were revealed in a job posting for a "Senior Nuclear Weapons System Subject Matter Expert" on recruitment site Lensa, first spotted by CNBC correspondent Eamon Javers.

US nuclear weapons contractor Sol Oriens has suffered a cyberattack allegedly at the hands of the REvil ransomware gang, which claims to be auctioning data stolen during the attack. Job postings first spotted by CNBC correspondent Eamon Javers provide some insight into Sol Orien's operations, who are seeking program managers, consultants, and a 'Nuclear Weapon System Subject Matter Expert' to work with the National Nuclear Security Administration.

The restaurant chain reportedly said no U.S. customer data was exposed and the attack did not involve ransomware. McDonald's is the latest company to fall victim to a cyberattack exposing customer and other data in the U.S., Taiwan and China, The Wall Street Journal has reported.

A subcontractor for the U.S. Department of Energy that works on nuclear weapons with the National Nuclear Security Administration, last month was hit by a cyberattack that experts say came from the relentless REvil ransomware-as-a-service gang. As Javers noted, "We don't know everything this small company does," but he posted a sample job posting that indicates that it handles nuclear weapons issues: "Senior Nuclear Weapon System Subject Matter. Expert with more than 20 years of experience with nuclear weapons like the W80-4." The W80 is a type of nuclear warhead carried on air-launched cruise missiles.

The White House dropped Trump-era executive orders intended to ban the popular apps TikTok and WeChat and will conduct its own review aimed at identifying national security risks with software applications tied to China, officials said Wednesday. In revoking some of President Donald Trump's blanket-style orders against Chinese tech companies and replacing them with a narrower approach, the Biden administration has not actually weighed in yet on whether TikTok and other apps pose a danger to Americans.

FINRA, the U.S. securities industry regulator, has warned brokerage firms of an ongoing phishing campaign threatening recipients with penalties unless they provide the information requested by the attackers. Org domain used in these ongoing phishing attacks was registered on June 7 using the Hosting Concepts B.V. domain registrar.

Biden's plan is a good first step but is missing a critical component: secure hardware. The government plan is conspicuously silent on that aspect of the cybersecurity threat, which is particularly ironic given the emphasis recently on investing more in American hardware initiatives.

US House Rep Mo Brooks seemingly revealed his Gmail password and a PIN in a Sunday rage tweet about a lawsuit regarding the January 6 insurrection attempt. Brooks, who sits on the House's Cyber, Innovative Technologies, and Information Systems subcommittee, and the Science, Space, and Technology committee, tweeted a photo from an iPad of his Windows computer, attached to which was a piece of paper with login credentials written on it.