Cozy Bear, or APT29, the Russian state-sponsored cyber-espionage group, appears to be active again, and it is thought to be impersonating the United States State Department in a large spear-phishing campaign.

Neither CrowdStrike nor FireEye has directly blamed Cozy Bear, saying attribution is still in progress, but FireEye noted, “This campaign has targeted over 20 FireEye customers across: Defense, Imagery, Law Enforcement, Local Government, Media, Military, Pharmaceutical, Think Tank, Transportation, and US Public Sector industries in multiple geographic regions.”


Other cybersecurity news:

Windows 10 update creates network and security issues

Microsoft confirmed that Windows 10 October 2018 Update, aka version 1809, has caused issues that involve losing network access. The same re-released Windows 10 update has compatibility issues with some Trend Micro security products.

Some Windows Insiders were outraged after an update to the Windows 10 Mail app enabled ads for non-Office 365 subscribers. Careful not to get whiplash, as Microsoft had posted and then deleted an FAQ about the ads in Mail for Windows 10. Frank Shaw, lead communications spokesman for Microsoft, said, “This was an experimental feature that was never intended to be tested broadly and is being turned off.”

Amazon blocks public access to S3 storage buckets

Perhaps we will hear of fewer AWS S3 data storage bucket leaks now that Amazon Web Services has rolled out new security features, including an option to block public access to S3 buckets.

Trump signs bill that creates new cybersecurity agency

U.S. President Donald Trump signed a cybersecurity bill into law on Friday. The Cybersecurity and Infrastructure Security Agency Act names the Department of Homeland Security's National Protection and Program Directorate as the head of this new cybersecurity agency.

Voxox database misconfiguration exposes over 26M text messages and more

The communications company Voxox failed to protect a server with a password, resulting in the exposure of “a massive database” that contains over 26 million text messages, as well as “password reset links, two-factor codes, shipping notifications,” and other personal information. “The ability to access two-factor codes in near real-time could have put countless number of accounts at risk of hijack,” security researcher Dylan Katz told TechCrunch.

Facebook denies trying to hide Russian interference with election

Facebook’s Sheryl Sandberg denied claims made in a New York Times report that she and Mark Zuckerberg were reluctant to come clean about the Russian interference with the 2016 election.

Federal charges against Julian Assange tied to Russian hacking

Federal prosecutors accidentally revealed that criminal charges have been filed against WikiLeaks founder Julian Assange. The charges apparently are related to his ties to the Russian government and its hacking.

Vulnerabilities and cyber attacks