2023-04-10
Ukraine has already altered some military plans because of the leak. The Joint Staff is examining its distribution lists & tightening flow of these reports. And DoD now says the US has been in touch with allies & Congress about the leak's potential damage. https://www.cnn.com/...
bellingcat
The leaked Pentagon Ukraine documents seem to have first appeared on Discord, followed by 4chan, before spreading to Telegram, Twitter, and major media outlets
Aric Toler / bellingcat :
The classified documents leaked online touch on everything from Wagner Group operations in Africa and Israel's pathways to providing lethal aid to Ukraine, to intel about the UAE's ties to Russia and South Korean concerns about providing ammunition to the US for use in Ukraine. https://twitter.com/...
bellingcat
The leaked Pentagon Ukraine documents seem to have first appeared on Discord, followed by 4chan, before spreading to Telegram, Twitter, and major media outlets
Aric Toler / bellingcat :
2022-11-06
Ukraine's fears that its troops may lose access Starlink internet service deepened in the past week after 1,300 of the military's satellite units went offline, according to two sources familiar with the outage. via @MarquardtA @snlyngaas https://www.cnn.com/...
CNN
Sources: 1,300 Starlink units in Ukraine went offline as SpaceX and the US DoD negotiate funding despite Elon Musk claiming the company will continue “for free”
2022-10-14
👀 https://www.cnn.com/... https://twitter.com/...
CNN
Docs: SpaceX told the Pentagon that it can't donate more Starlink terminals to Ukraine or keep funding the service there indefinitely, and asks for funding
Since they first started arriving in Ukraine last spring, the Starlink satellite internet terminals made by Elon Musk's SpaceX …
2022-01-03
“U.S. and British intelligence tried twice to recruit Klyushin, according to Ciric, the attorney in Switzerland. U.S. intelligence attempted to engage him in summer 2019 in the south of France and British intelligence approached him in March 2020 in Edinburgh...”
Bloomberg
The US takes Vladislav Klyushin, a Kremlin insider, into custody; sources say he has documents related to Russia's DNC hack during the 2016 election
IT executive Vladislav Klyushin's journey into U.S. custody is a blow to the Kremlin, say people familiar with a Russian intelligence assessment of what he may have to offer
“Klyushin's attorney...said in an interview that his client was sought by U.S. authorities because they believe he has inside information on Russia's 2016 election hacking that he may provide to avoid decades behind bars on the insider trading charges.” https://www.bloomberg.com/...
Bloomberg
The US takes Vladislav Klyushin, a Kremlin insider, into custody; sources say he has documents related to Russia's DNC hack during the 2016 election
IT executive Vladislav Klyushin's journey into U.S. custody is a blow to the Kremlin, say people familiar with a Russian intelligence assessment of what he may have to offer
2021-11-04
Commerce Dept adds NSO Group to its entity list, saying it “developed and supplied spyware to foreign governments” that then used the tools to target government officials, journalists, businesspeople, activists, academics, and embassy workers. https://www.commerce.gov/...
The Record
US sanctions four companies, including NSO Group, that sell spyware or hacking tools, adding them to a list of entities engaging in “malicious cyber activities”
The US government has sanctioned today four companies that develop and sell spyware and other hacking tools, the US Department of Commerce announced today.
2021-06-11
“The Wall Street Journal tracked the most disruptive attacks to one group: a notorious gang of Eastern European cybercriminals once called the “Business Club,” with ties to Russian government security services” https://www.wsj.com/...
Wall Street Journal
A look at the ruthless Eastern European ransomware gang Ryuk, which hit 235+ US hospitals since 2018 and collected an estimated $100M in ransom last year
Wall Street Journal :
2021-06-03
New FBI statement: “We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice.” https://twitter.com/...
The Record
The FBI says ransomware group REvil is behind the ongoing attack targeting meatpacking company JBS
Adam Janofsky / The Record :
2021-05-29
“Nobelium, originating from Russia, is the same actor behind the attacks on SolarWinds customers in 2020...Nobelium launched this week's attacks by gaining access to the Constant Contact account of USAID.” https://blogs.microsoft.com/ ...
New York Times
Microsoft: hackers behind SolarWinds recently breached State Dept. aid agency to send emails with malicious code to 150 orgs, including NGOs critical of Putin
Microsoft reported that it had detected the intrusion and that the same hackers behind the earlier SolarWinds attack were responsible.
2021-05-28
“Nobelium, originating from Russia, is the same actor behind the attacks on SolarWinds customers in 2020...Nobelium launched this week's attacks by gaining access to the Constant Contact account of USAID.” https://blogs.microsoft.com/ ...
New York Times
Microsoft says SolarWinds hackers seized an email system used by State Department's international aid agency to breach NGOs and organizations critical of Putin
Microsoft reported that it had detected the intrusion and that the same hackers behind the earlier SolarWinds attack were responsible.
2021-05-10
“The operator, Colonial Pipeline, which transports more than 100 million gallons of gasoline and other fuel daily from Houston to the New York Harbor...said it learned of the cyberattack on Friday, causing them to pause operations.” https://www.cnn.com/...
Bloomberg
Sources: cybercrime gang DarkSide, which caused Colonial Pipeline to halt operations, stole and encrypted ~100GB of data on Thursday before demanding a ransom
> The hackers who caused Colonial Pipeline to shut down the biggest U.S. gas pipe on Friday began their blitz against the co. a day earlier, stealing a large amount of data before ...
“The operator, Colonial Pipeline, which transports more than 100 million gallons of gasoline and other fuel daily from Houston to the New York Harbor...said it learned of the cyberattack on Friday, causing them to pause operations.” https://www.cnn.com/...
Wall Street Journal
Colonial Pipeline, which carries 45% of fuel consumed on the US East Coast, says it halted operations due to a ransomware attack
Colonial Pipeline carries roughly 45% of gasoline and diesel fuel consumed on the East Coast — The main pipeline carrying gasoline and diesel fuel …
2021-05-09
“The operator, Colonial Pipeline, which transports more than 100 million gallons of gasoline and other fuel daily from Houston to the New York Harbor...said it learned of the cyberattack on Friday, causing them to pause operations.” https://www.cnn.com/...
Wall Street Journal
Colonial Pipeline, which carries 45% of fuel consumed on the US East Coast, says it halted operations due to a ransomware attack
Colonial Pipeline carries roughly 45% of gasoline and diesel fuel consumed on the East Coast — The main pipeline carrying gasoline and diesel fuel …
2021-04-16
As we first reported yesterday morning, the admin is PNGing Russian diplomats (spies). “The US is expelling ten personnel from the Russian diplomatic mission in Washington, DC. The personnel include representatives of Russian intelligence services.” https://www.whitehouse.gov/...
MIT Technology Review
A look at Positive Technologies, a Russian cybersecurity firm sanctioned by the US, which sources say provides hacking tools and ops support for Russian spies
Washington has sanctioned Russian cybersecurity firm Positive Technologies. US intelligence reports claim it provides hacking tools and runs operations for the Kremlin.
2021-03-31
Scoop: Suspected Russian hackers stole thousands of State Department officials' emails late last year. The hackers accessed emails in the Bureau of European and Eurasian Affairs and Bureau of East Asian and Pacific Affairs. More here with @woodruffbets: https://www.politico.com/...
Politico
Sources: suspected Russian hackers stole thousands of State Department officials' emails last year; the classified network doesn't appear to have been accessed
Suspected Russian hackers stole thousands of State Department officials' emails last year, according to two Congressional sources familiar …
2021-03-29
NEW: The admin is still without a National Cyber Director as it attempts to respond to multiple cyber attacks and espionage campaigns. New details on the turf wars and political battles keeping open a role that Congress created and is demanding be filled: https://www.politico.com/...
Politico
National cyber director position, which Congress mandated in a defense bill last year, remains unfilled two months into Biden's admin due to political turf wars
Natasha Bertrand / Politico :
2021-02-18
Next steps: Finding and expelling adversary: coordinating interagency response from NSC, and coordinating with Congress Building back better to modernize federal defenses: need more integrated response, upcoming executive action to address gaps Potential response options
Bloomberg
Biden admin says SolarWinds attack was executed from within the US, though Russia was responsible, and nine federal agencies and ~100 companies were compromised
Bloomberg :
Neuberger says this is just the beginning of the USG's understanding of the scope and scale of the hack due to the sophistication of the techniques used, and says they have not ruled out potential additional activity beyond 9 agencies & 100 companies targeted.
Bloomberg
Biden admin says SolarWinds attack was executed from within the US, though Russia was responsible, and nine federal agencies and ~100 companies were compromised
Bloomberg :
2020-12-19
SCOOP/BREAKING NEWS: The Energy Department and National Nuclear Security Administration, which maintains the U.S. nuclear weapons stockpile, have evidence that hackers accessed their networks, officials directly familiar with the matter said. https://www.politico.com/...
Reuters
An analysis of publicly available web records shows SolarWinds hackers accessed the networks at Cox Communications and the local government in Pima County, AZ
LONDON (Reuters) - Suspected Russian hackers accessed the systems of a U.S. internet provider and a county government in Arizona …