Yesterday afternoon the Cyber Unified Coordination Group (UCG), the task force established by the US President and his National Security Council to investigate and remediate the Solorigate incident, released a statement on its conclusions so far. It read, in part, “This work indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks. At this time, we believe this was, and continues to be, an intelligence gathering effort. We are taking all necessary steps to understand the full scope of this campaign and respond accordingly.” The UCG is composed of elements drawn from CISA, the FBI, NSA, and the Office of the Director of National Intelligence.
BleepingComputer reports that attackers are working to exploit vulnerable Zyxel systems. GreyNoise researchers have found three distinct scans in progress for SSH devices. The scanners then try to log in using Zyxel backdoor credentials.
2021’s first new strain of ransomware, Babuk Locker, is out in the wild, according to BleepingComputer. It’s assessed as “amateurish” but equipped with effective encryption.
Bloomberg says that, after a call from US Treasury Secretary Mnuchin, the New York Stock Exchange is reconsidering its reconsideration, and is again thinking it may delist China Mobile, China Telecom, and China Unicom.
WikiLeaks founder Julian Assange will remain in jail, CNN reports. A judge denied bail at a hearing this morning; Mr. Assange will continue to be incarcerated in Her Majesty’s Prison Belmarsh.