Homeland Security Issues Warning on Cyberattack Campaign – United States
The Department of Homeland Security is warning IT services providers, healthcare organizations and three other business sectors about a sophisticated cyberattack campaign that involves using stolen administrative credentials and implanting malware, including PLUGX/SOGU and RedLeaves, on critical systems. The alert notes that DHS' National Cybersecurity and Communications Integration Center "has become aware of an emerging sophisticated campaign, occurring since at least May 2016, which uses multiple malware implants. Initial victims have been identified in several sectors, including information technology, energy, healthcare and public health, communications and critical manufacturing." Mac McMillan, president of the security consulting firm CynergisTek, says the threat is serious. "These attacks could lead to full network compromise, long-term undetected attacks, and compromise/exploitation of systems and data, essentially putting both operations and patient safety at risk," he says. The April 27 alert, which was updated on May 2, says preliminary analysis has found that threat actors appear to be leveraging stolen administrative credentials - local and domain - and certificates.
Third Man Suspected of Planning Extremist Attack Detained – Germany
German police have detained a third man suspected of involvement in a plan by an army officer and a student to carry out an attack, possibly on left-leaning politicians who favor immigration, the federal public prosecutor said on Tuesday. The prosecutor's office named the third suspect in the case that has shocked Germany as Maximilian T., a 27-year-old German citizen. "The accused is strongly suspected of planning a severe act of violence against the state out of a right-wing extremist conviction," the prosecutor's office said in a statement. The three had planned to carry out an attack and make it look like it had been the work of Islamist militants. Former president Joachim Gauck and Justice Minister Heiko Maas were on a list of possible targets prepared by the suspects.
Some Chase Branches in Seattle Closed By Protests over Pipeline Loans – Washington, United States
Native American leaders and climate activists protested at several Chase branches in Seattle on Monday, forcing them to close temporarily as demonstrators demanded the bank not lend to projects like the Keystone XL oil pipeline. Police said 26 people were arrested by late afternoon. Activists said they disrupted operations at 11 Chase branches, and two other branches closed as well. Darcy Donahoe-Wilmot, a spokeswoman for Chase, which is a unit of JP Morgan Chase & Co, declined to comment. At a branch in downtown Seattle, about 50 protesters occupied the main lobby, where they made speeches, sang songs, held signs and banners and even ordered a tall stack of pizzas before police blocked the doors. At another Seattle branch, a handful of protesters went inside while two others locked themselves by their necks to the front doors with bicycle locks. Organizers of the protests aimed to dissuade Chase from lending to the companies behind two major oil infrastructure projects, the Keystone XL pipeline, and Trans Mountain Pipeline expansion, and tar sands oil production in general. Protesters said they were fighting global warming. Keystone XL is a project of TransCanada Corp and Trans Mountain Pipeline is a project of Kinder Morgan Inc. These efforts echo similar efforts with other banks as activists have shifted to targeting the financial backers of the pipelines rather than sites like the Dakota Access Pipeline in North Dakota, where thousands protested last year.
