Certain hacking activity targeting the aviation and aerospace industries has caught the attention of various security researchers over the last few years, as the incidents involved similar tactics, off-the-shelf malware and lures. Cybersecurity firm Proofpoint is now tying all that activity to one hacking group, with the new label TA2541. The researchers didn't make any conclusions on Tuesday about origins or end goals, but others in the past have pointed to connections in Nigeria, and suggested credential theft as a possible goal. AJ Vicens explains.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

Look to Moscow City for evidence of crypto money laundering, Chainalysis says

Cryptocurrency-tracking company Chainalysis examined about three years of trading involving “risky or illicit” digital addresses that could be tied to cybercrime in some way, and the research pointed researchers to one location in the real world: Moscow City, the Russian capital’s skyscraper-packed financial district. “A huge amount of cryptocurrency-based money laundering, not just of ransomware funds but of funds associated with other forms of cybercrime as well, goes through services with substantial operations in Russia,” Chainalysis says. Joe Warminsky has the numbers.

'Freedom Convoy' donations exposed

Christian crowdfunding website GiveSendGo was still offline Tuesday morning, due to an apparent hack after the company vowed to fight a Canadian court order to stop disbursing donated funds to a trucker convoy protesting COVID-19 measures there. The attackers appear to have leaked donor information, including names, email addresses, zip codes and IP addresses, according to anti-secrecy group DDoSSecrets, which obtained the unsecured files. GiveSendGo did not respond to a request for comment. Tonya Riley reports.

More funding for Ransomware Task Force

The nongovernmental Institute for Security and Technology's Ransomware Task Force was hard at work in its first year, producing an 81-page report on policies and actions for lessening the impact of ransomware nationwide. One suggestion — establishing a Cyber Response and Recovery Fund to help incident response at all levels of government — was funded with $20 million under the big federal infrastructure spending law. The task force itself got a boost this week, announcing $800,000 in funding from philanthropy groups. FedScoop's Dave Nyczepir has more.

Election security rules updated in Colorado

Colorado's secretary of state has announced a set of rules tightening security controls on the technology used by election administrators around the state. The rules, which officials said are temporary, arrive in the wake of election security violations in two counties, one of which was ordered last year to replace its entire inventory of voting equipment after an unauthorized person published video footage of passwords for ballot-processing devices on a conspiracy-theory website. Benjamin Freed has the story at StateScoop.

Tweet Of The Day