Month: March 2023

Enlarge / Locked out. (credit: Sean Gladwell / Getty Images)

Threat actors aligned with Russia and Belarus are targeting elected US officials supporting Ukraine, using attacks that attempt to compromise their email accounts, researchers from security firm Proofpoint said.

The campaign, which also targets officials of European nations, uses malicious JavaScript that’s customized for individual webmail portals belonging to various NATO-aligned organizations, a report Proofpoint published Thursday said. The threat actor—which Proofpoint has tracked since 2021 under the name TA473—employs sustained reconnaissance and painstaking research to ensure the scripts steal targets’ usernames, passwords, and other sensitive login credentials as intended on each publicly exposed webmail portal being targeted.

Tenacious targeting

“This actor has been tenacious in its targeting of American and European officials as well as military and diplomatic personnel in Europe,” Proofpoint threat researcher Michael Raggi wrote in an email. “Since late 2022, TA473 has invested an ample amount of time studying the webmail portals of European government entities and scanning publicly facing infrastructure for vulnerabilities all in an effort to ultimately gain access to emails of those closely involved in government affairs and the Russia-Ukraine war.”

Enlarge / Locked out. (credit: Sean Gladwell / Getty Images)

Threat actors aligned with Russia and Belarus are targeting elected US officials supporting Ukraine, using attacks that attempt to compromise their email accounts, researchers from security firm Proofpoint said.

The campaign, which also targets officials of European nations, uses malicious JavaScript that’s customized for individual webmail portals belonging to various NATO-aligned organizations, a report Proofpoint published Thursday said. The threat actor—which Proofpoint has tracked since 2021 under the name TA473—employs sustained reconnaissance and painstaking research to ensure the scripts steal targets’ usernames, passwords, and other sensitive login credentials as intended on each publicly exposed webmail portal being targeted.

Tenacious targeting

“This actor has been tenacious in its targeting of American and European officials as well as military and diplomatic personnel in Europe,” Proofpoint threat researcher Michael Raggi wrote in an email. “Since late 2022, TA473 has invested an ample amount of time studying the webmail portals of European government entities and scanning publicly facing infrastructure for vulnerabilities all in an effort to ultimately gain access to emails of those closely involved in government affairs and the Russia-Ukraine war.”

Enlarge / Slam that bash pad!

Rumor had it that there was this fighting video game, like Karate Champ, except the harder you hit the buttons, the stronger your attacks were. It was also said that if you hit a button hard enough, you could knock out your opponent with one hit! Certain people were supposedly seen climbing on and jumping up and down on the buttons of the machine in the hope of making a killing strike.

As a child of the '80s who loved video games, this game intrigued me.

I soon discovered that the game was called Street Fighter (SF1), and it was made by a company called Capcom. In my local arcade, it consisted of a large, curvy cabinet with two sets of controls to accommodate two players at once. Each player had a start button, an eight-way joystick, and two large pressure-sensitive rubber buttons. This cabinet is now often called the "deluxe" or "crescent" cab, and the pressure-sensitive buttons are often called "bash pads" or "pneumatic buttons." It looked totally rad.