Welcome to Codebook, the cybersecurity newsletter that forgot to ask his mom what Leafminer means (see below). Sometimes she knows.
Tips? Please reply to this newsletter — your replies come straight to me.
At a moment when the issue couldn't be more pressing, Georgia's Republicans have just chosen a candidate for governor who has a record of courting controversy on cybersecurity.
Georgia Secretary of State Brian Kemp's Tuesday primary victory was bolstered by an endorsement from President Trump — and follows a long history of sometimes bizarre incidents relating to both hacking and election protection.
The details: A month after the 2016 presidential election, Kemp incorrectly accused the Department of Homeland Security of trying to hack his agency's systems.
Here's where it gets weird: On Dec. 6, 2016, Kemp sent the Department of Homeland Security a tough-talking letter calling this ordeal an "unsuccessful attempt to penetrate the Georgia Secretary of State's firewall."
It was a surreal accusation that DHS, a federal law enforcement and infrastructure protection agency, had broken the law by attempting to breach infrastructure.
Kemp is currently the central defendant in a lawsuit over Georgia's refusal to use election machines that leave an auditable paper trail.
Before the 2016 election, Kemp was a loud voice in a debate over whether DHS and the Election Assistance Commission should provide help to states that ask for it.
Codebook contacted the Kemp campaign for comment on this story, but did not receive a reply.
Editor's note: This story has been updated with information that Kennesaw State is no longer a vendor for Georgia.
A newly discovered group, dubbed Leafminer by the researchers who found it, is targeting the Middle East, Symantec reports.
The details: Symantec linked several extremely varied attacks together after discovering a server full of hacking resources and targeting information.
Leafminer has two custom malware tools in its arsenal but uses a lot of publicly available tools. It also relies on a number of publicly available prewritten code clippings, known as exploits, to avoid network security.
Symantec found scanning information on 809 potential victims on the group's hacking resource server.
Kansas delegate Todd Tiahrt dressed as Wyatt Earp at the 2012 Republican National Convention. Photo: Chris Maddaloni/CQ Roll Call via Getty Images
Enterprise Resource Planning (ERP) software, software that merges a wide variety of corporate data into a single database, is an increasingly popular target for hackers, according to a government warning from US-CERT. CERT is basing the new advisory on a report by Digital Shadows and Onapsis.
Why it matters: ERP software is foundational to how modern companies operate and puts a huge variety and volume of data into a single database. That provides a single archive for hackers to target and potentially gain access to all of a company's usable data.
A new version of the Kronos banking malware is targeting Germany, Japan, and Poland, according to a new report from Proofpoint. The update to the long-dormant malware is known as Osiris.
Why it matters: The return of Kronos is not as notable for the current attacks as for the malware's strange backstory. The United States is currently prosecuting Marcus Hutchins for originally authoring and selling the malware. Hutchins became a folk hero in security last year when he discovered a "kill switch" in the fast-spreading "WannaCry" malware, allowing him to deactivate WannaCry before it spread to the United States.
Julia Ioffe of GQ wrote a story about repeat experiences with an unusual Uber driver during her stay at the Aspen Security Forum last week. That Uber driver, who she calls "Gloria," asked questions about international security, revealed that she had once been part of a delegation to North Korea and knew details about Ioffe's personal life.
Ioffe speculated that, maybe, Gloria is a spy.
I also had Gloria as an Uber driver in Aspen. I just thought she was a little odd.
Notes on Gloria:
It turns out a leafminer is "the larva of an insect that lives in and eats the leaf tissue of plants." That's from Google, not my mom.
Codebook will return on Tuesday from New York.