AWS investments are estimated to create at least 1,000 jobs and support new workforce development training programs and local community projects in the state.

New Meta data center will join the company’s other Alabama data center campus, located in Huntsville, representing a total investment commitment of $1.5 billion.

Apple today announced financial results for its fiscal 2024 second quarter ended March 30, 2024.

Mission Critical is excited to introduce you to the 2024 Top 25 Women in Technology. Meet Ciarra Huhman.

It’s been little more than a week since Apple rolled out an unprecedented 74 new rules to its XProtect malware signature list in version 2192. A further 10 rules were appended in version 2193 on April 30th. Cupertino’s security team were clearly hoping that a concerted effort would serve to disrupt prolific adware distributor Adload’s assault on macOS devices. Those behind the adware, however, appear to have pivoted quickly as dozens of new Adload samples are already appearing that evade Apple’s new signatures.

In this post, we take a look at one variant of these new samples that is almost entirely undetected on VirusTotal at this time. We hope this exposure will both help inform security teams looking to keep adware nuisances out of their environment and serve to boost detection recognition across other vendor engines.

Apple’s Massive Adload Signature Update

With XProtect version 2192, Apple added 74 new rules to XProtect.yara. While a few of these were targeted at other malware and adware distributors, the vast majority targeted adware widely known as Adload.

Well, there are 74 new rules in XProtect v2192 , so it's going to take me a bit to update https://t.co/Fgr7MGgRL2 with sample hashes, but interesting to see Apple trying to disrupt Adload's entire codebase. pic.twitter.com/n0eX6FfSEh

— Phil Stokes ⫍⫎ (@philofishal) April 25, 2024

Meet Dezmond Blair, Elena Galluzzo, and Jawaher Shaman, three winners of Apple’s 2024 Swift Student Challenge.

Hydrogen has a role to play in delivering power with zero emissions at the point of use, including as part of mission critical and backup power systems.

Mission Critical is excited to introduce you to the 2024 Top 25 Women in Technology. Meet Earlene Gibbons.

Last week, PinnacleOne examined the state of aviation cybersecurity given recent incidents and federal action.

This week, we boost our view into orbit and dive into the intersection of cybersecurity and geopolitical risk facing the rapidly expanding space economy.

Please subscribe to read future issues — and forward this newsletter to interested colleagues.

Contact us directly with any comments or questions: This email address is being protected from spambots. You need JavaScript enabled to view it.

Insight Focus: Commercial Industry in Contested “Space”

In early April, the United States Space Force (USSF) released their first Commercial Space Strategy, embarking on a major shift in its approach to space operations, one that recognizes the pivotal role of the private sector in driving innovation. This USSF move to integrate commercial space solutions into “hybrid architectures” will raise critical issues of “dual-use capabilities” facing cyber and counterspace threats from China and Russia across peacetime, crisis, and conflict.

Mission Critical recently sat down with CNet Training to find out more about the Digital Futures Program, a collaborative between a group on industry organizations and university technical colleges. 

The Good | U.S. Govt Sends Spyware Abusers, Cybercriminals, and Crypto Launderers to Court

The U.S. government this week took three decisive actions against cyber criminals: a visa ban on thirteen spyware makers and sellers, sanctions against four Iranian nationals for their roles in recent cyberattacks, and an official charge for two cryptomixers.

Following the February announcement to set visa restrictions on commercial spyware developers and vendors, the Department of State has cracked down on the first thirteen individuals and their families. Excluding visa applications in this case effectively bans those who are linked to such operations from entering the U.S. The abuse of spyware has been a rising issue in recent years as adversaries use it to target persons of interest such as journalists, human rights advocates, academics, and government employees.

Two front companies and four individuals were sanctioned by the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) for their association to cyber activities supporting the Iranian Islamic Revolutionary Guard Corps Cyber Electronic Command (IRGC-CEC) over the span of five years. Collectively, the identified threat actors have targeted over a dozen U.S. organizations, including the U.S. government and defense contractors through spear phishing and malware attacks, compromising over 200,000 employee accounts.

Up to $10 Million Reward & Possible Relocation

These individuals conducted malicious cyber ops against U.S. firms and government agencies on behalf of Iran’s IRGC.

As the demand for digital services surges, embracing sustainable practices becomes not just an ethical imperative but a strategic advantage for data centers shaping the digital landscape.

Andy Syrewicze is a security evangelist at Hornetsecurity. Hear what he has to say about World Backup Day and why it deserves to be recognized. 

Mission Critical is excited to introduce you to the 2024 Top 25 Women in Technology. Meet Amie Fish.

Threat actors consistently alter and develop their schemes in order to further escalate their payoffs. In a new trend, ransomware affiliates are actively re-monetizing stolen data outside of their original RaaS agreements, especially as financial squabbles between threat actors emerge in the ransomware economy. The affiliates in such instances are starting to work with third-parties or external data leak services in order to re-extort victims who have already paid the ransom to the original attackers.

This blog post examines how affiliate attackers are embracing this new third-party extortion method, illustrated most recently by the ostensibly back-to-back cyberattacks on Change Healthcare and the emergence of services like RansomHub and Dispossessor.

ALPHV Exit Scam & Re-Extortion by RansomHub

In February 2024, a subsidiary of healthcare giant UnitedHealth Group (UHG) was forced to take down its IT systems and various services. The root of the disruption was a cyberattack by a BlackCat (aka ALPHV) affiliate on Change Healthcare, a healthcare technology platform used by the subsidiary.

Post-attack, ALPHV ransomware operators reportedly took down their data leak blog, servers, and operation negotiation sites, and failed to pay the affiliate their agreed share of the ransom.

Purportedly, Change Healthcare paid out the $22 million ransom demand, only to be targeted a second time just weeks after recovering from the initial attack. This time around, the ransomware attack was claimed by a threat actor working in conjunction with RansomHub, a new extortion group claiming to hold 4 terabytes of the victim’s sensitive data including personally identifiable information (PII) of active U.S. military personnel, patient records, and payment information.

Beginning in May, the Today at Apple series “Made for Business” will show entrepreneurs how Apple products and services can support their success.

Mission Critical is excited to introduce you to the 2024 Top 25 Women in Technology. Meet Nicole Dierksheide.

It is not enough to simply establish policies for the ethical use of AI. Ensuring its ethical application is an ongoing process that requires continuous learning and adaptation.

Last week, PinnacleOne reviewed escalation dynamics in the Middle East.

This week, we turn our attention to domestic critical infrastructure with a look at recent developments in aviation cybersecurity.

Please subscribe to read future issues — and forward this newsletter to interested colleagues.

Contact us directly with any comments or questions: This email address is being protected from spambots. You need JavaScript enabled to view it.

Insight Focus | Aviation Cybersecurity

The aviation sector continues to face a complex and evolving cybersecurity threat landscape with nation-state actors, cybercriminal groups, and hacktivists targeting critical infrastructure. Last week, the FAA issued a ground stop order on Alaska Airlines for one hour due to an “upgrade issue with flight software that calculates weight and balance.” This follows a similar hour-long nationwide ground stop last year caused by a software update at United Airlines, a network-wide outage at WestJet caused by a service provider, and a ransomware breach at Sabre.

Industry growth is a given, which means company decision-makers are creating the future of data centers in 2024 and beyond today.