Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on the day's biggest business stories

Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios Pro Rata

Dive into the world of dealmakers across VC, PE and M&A with Axios Pro Rata. Delivered daily to your inbox by Dan Primack and Kia Kokalitcheva.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Nashville news?

Get a daily digest of the most important stories affecting your hometown with the Axios Nashville newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Columbus news?

Get a daily digest of the most important stories affecting your hometown with the Axios Columbus newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Dallas news?

Get a daily digest of the most important stories affecting your hometown with the Axios Dallas newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Austin news?

Get a daily digest of the most important stories affecting your hometown with the Axios Austin newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Atlanta news?

Get a daily digest of the most important stories affecting your hometown with the Axios Atlanta newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Philadelphia news?

Get a daily digest of the most important stories affecting your hometown with the Axios Philadelphia newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Chicago news?

Get a daily digest of the most important stories affecting your hometown with the Axios Chicago newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios NW Arkansas

Stay up-to-date on the most important and interesting stories affecting NW Arkansas, authored by local reporters

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top DC news?

Get a daily digest of the most important stories affecting your hometown with the Axios DC newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Hackers targeting nongovernmental humanitarian groups, including UN groups like UNICEF, sought to steal login credentials using sophisticated phishing sites, according to a new report by mobile security firm Lookout.

Why it matters: Lookout doesn't attribute attacks to specific actors, but the lures used to draw targets to the phishing sites were links only of interest to workers following North Korea issues. That suggests North Korea is a likely suspect here.

What they found: The phishing sites used a number of clever tricks.

  • For one, if users reached the phishing sites through any path other than the phishing URL, it forwarded the user to a legitimate site. That limits the hackers' exposure.
  • While most people believe a site won't see the login data they type into a website unless they hit submit, the sites used key loggers to steal login data even if they didn't.
  • Like many modern phishing campaigns, the site used SSL certificates — the encryption measures that produce the lock icon in the URL bar, which less sophisticated users are sometimes told to look for to thwart phishing. Also, the sites used long URL names, making it harder for people on mobile phones to notice inconsistencies there.

The sites were hosted by the Malaysian firm Shinjiru, Lookout's Jeremy Richards told Axios.

  • Shinjiru is a so-called bulletproof hosting service offering technical and legal protections for hackers. Using providers like Shinjiru raises an automatic red flag in Lookout's machine learning system.

Go deeper

Updated 9 mins ago - Politics & Policy

U.S. faces urgent anti-hacker crisis

Illustration: Allie Carl/Axios

The Biden administration is accelerating efforts to fill nearly 600,000 vacant cybersecurity positions in the public and private sectors bogging down efforts to protect digital infrastructure.

Why it matters: Following a deluge of ransomware attacks targeting critical government and corporate infrastructure this year, clogs in the talent pipeline are leaving federal, cash-strapped local governments and Big Business even more susceptible to hacking.

Mike Allen, author of AM
5 hours ago - World

Courage vs. coddling with China

Peng Shuai of China serves during the China Open in Beijing in 2017. Photo: Andy Wong/AP

The women's professional tennis tour suspended tournaments in China Wednesday out of concern for Peng Shuai, on the same day that a top business voice made excuses for Beijing.

Why it matters: Ahead of February's Winter Olympics in Beijing, some sports figures are taking on the regime — while Big Business shrinks from confrontation with the world's second-largest economy.

5 hours ago - Sports

What to know about the first MLB lockout since 1995

Illustration: Shoshana Gordon/Axios

Hope you enjoyed the recent flurry of free-agent activity, because it's likely the last non-lockout-related MLB news for a while.

Driving the news: The owners locked out the players after the collective bargaining agreement expired at midnight last night, leading to MLB's ninth work stoppage — and first since 1995.