IEEE Cipher --- Items from security-related news (E156)
Summary:
ITG18 teaches its operatives how to comb through a compromised
account (including that of an enlisted member of the US Navy) to
find personal information and credentials for associated accounts
and social media. They are also adept at deleting emails about
suspicious account activity.
Summary:
By keeping the data within EU boundaries, the data may seem to have
more protections, but some experts worry that the result may be weaker
security. When companies spin up server farms in the EU, that benefits
the EU economy, but if the facilities are run by a variety of
interests with a diversity of security considerations, the data might
be more vulnerable to criminal or foreign government attacks.
Summary:
Twitter lost control of its internal systems to Bitcoin-scamming hackers
Celebrity account holders weren't the only targets. Late hacker Adrian Lamo was, too.
Publisher: Ars Technica
Date: 7/15/2020
By: Dan Goodin
Several high-profile Twitter accounts were hacked and used to solicit
cryptocurrency donations and scam unsuspecting users out of about $100K in
total. Twitter blames a social engineering attack against some of
their employees, but one report says a simple bribe was the tool of
corruption. One expert noticed an unsolicited password reset
message preceded the partially successful takeover of an account.
Crooks have acquired proprietary Diebold software to "jackpot" ATMs
ATM maker is investigating the use of its software in black boxes used by thieves.
Publisher: Ars Technica
Date: 7/20/2020
By: Dan Goodin
What better hack than to turn ATM machines into fountains of money?
Doing this through access to stolen credentials and the
local network for the ATM is something that can be thwarted by
normal security measures. But recent exploits have attached black
boxes to the ATMs, and those boxes have run Diebold's own software.
Hacking is a lot easier if you have all the APIs and libraries
available on an Arduino that you can attach to the ATM! Several
variants on the scheme have been reported. Diebold is glad to see
that the proprietary software is not of recent vintage, a small ray
of good news in a pool of theft.
Iranian state hackers caught with their pants down in intercepted videos
IBM researchers steal 40GB of data from group targeting presidential campaigns.
Publisher: Ars Technica
Date: 7/17/2020
By: Dan Goodin
The Iranian hacker group known as ITG18 is a professional organization
that trains its members in the arts of account compromise and data
exfiltration. Their methods are painstaking and "meticulous",
according to the people who have seen their videos. Those videos came
to light when the organization uploaded them to a server. Everyone
needs a way to share video, it seems. In this case, the server was
known as a base for ITG18, so that upload was intercepted.
US-EU Privacy Shield data sharing agreement struck down by court
Much as in 2015, US surveillance practices and EU privacy law don't mesh well.
Publisher: Ars Technica
Date: 7/16/2020
By: Kate Cox
The EU has privacy protections for its citizens that exceed those in
the US, and therein lies an IT problem. Even when a US company
operating in the EU obeys those regulations, since 2016 they have been
able to store personal data on servers that are physically in the US.
A European court has ruled that once the data is in the US, it is
subject to US surveillance that is incompatible with EU law.
Russian state-sponsored hackers target Covid-19 vaccine researchers
UK National Cyber Security Centre says drug firms and research groups
being targeted by group known as APT29
Publisher: The Guardian
Date: 07/16/20
Officials in the UK allege that a well-known Russian hacker group is
targeting vaccine research companies and their employees. It is
unclear why the UK is releasing this information now (presumably a
state-sponsored hacking group targets many thousands of people on a
daily basis) or what the intent of the Russians might be. A Russian
analyst suggests that any advance warning about results that
might indicate the origin of the virus would have deep geopolitical
implications. There is no indication that the research sites had
data altered; that might slow down the research trials and delay
vaccine production. [Ed. Given the importance of a vaccine to
everyone in the world, why isn't all the data being openly
published?].