Visit Interpol for additional and important information.

This suprisingly frank initial statement regarding the work Coalfire was contracted to perform and regarding the actions to be taken, thereto, follows after the next paragraph split.

Perhaps this entire scenario is indicative of governmental malfeascenace rather than profit-driven overreach by the corporate entity contracted to perform the labor and analysis... You be the judge...

September 18, 2019

State of Iowa State Court Administration Statement on the Coalfire Debacle:

Malicious cyber criminals use all techniques at their disposal—fair or foul—to access valuable data from private and public organizations. Global cybersecurity firms (such as Coalfire) involved in technical testing are professionally contracted to simulate real-world attacks using the same techniques any attacker may use to test the company’s defenses so that they can remedy their vulnerabilities before a real-world attack occurs.

Recently, two penetration testers employed by Coalfire were arrested in the Dallas County Courthouse during a security testing exercise to help the Iowa Judicial Branch ensure the court’s highly sensitive data was secured against attack. Coalfire was working to provide quality client service and a stronger security posture. Coalfire and State Court Administration believed they were in agreement regarding the physical security assessments for the locations included in the scope of work. Yet, recent events have shown that Coalfire and State Court Administration had different interpretations of the scope of the agreement. Together, Coalfire and State Court Administration continue to navigate through this process. To that end, the Iowa Judicial Branch and Coalfire will each be conducting independent reviews and releasing the contractual documents executed between both parties.

State Court Administration has worked with Coalfire in the past to conduct security testing of its data and welcomed the opportunity to work with them again. Both organizations value the importance of protecting the safety and security of employees as well as the integrity of data.

State Court Administration apologizes to the sheriffs and boards of supervisors of Dallas County and Polk County for the confusion and impact these incidents have caused.

Links below are to the contract documents with allowable redactions

Requirements and Assumptions Service Order—Redacted Rules of Engagement—Redacted Social Engineering Authorization—Redacted Master Agreement—Redacted

Videography Credit: Irongeek (Adrian Crenshaw).

Lisa Forte, a Partner at UK based Red Goat Cyber Security, regales us with a tremendous blog post - detailing, if you will, the effort expended in executing reconnaissance operation targeting the focus of a social engineering mission. Quite likely the best prose you'll feast your eyes upon today, I'll wager.

Apparently, a new Microsoft Corporation (Nasdaq: MSFT) Windows' Powershell soceng scam is making the rounds, according to Lawrence Abrams, concise writing at Bleeping Computer. Mind Your Shells!

via Motherboard contributor Joseph Cox, comes the strange case of the errant USB stick, down under. In this case, the USB stick, that may appear in any Australian postal mailbox. Hat Tip...

Rick Robinson, reporting at Security Intelligence, briefly focuses on social engineering attacks and the so-called deployment of fake profiles... Also known as con-artistry, and in this case, of the pernicious kind...

La Fin de Twitter est Proche, otherwise known as The End of Twitter, Inc. (NasdaqGS: TWTR) is Near... via The Harvard Business Review, and written by Alexandera Samuel, comes this tell-all on the rise of 'bots infecting Twitter, and not necessarily the 'bots you may think. Entitled "How Bots Took Over Twitter". Congratulations, you have discovered Today's Must Read.

Looks like GoDaddy has been hit again... Via CSOOnline's Steve Ragan, this time, smacked with the Social Engineering Paddle. When any registrar is attacked (successfully or otherwise) we all lose. The ramification to safe naming work - perhaps emanating from planted persistent threats post-attack - can permeate the infrastructure of the domain registration naming system.

Suprised by the largest heist in history? Concerned about Carbanak APT? Clearly, proof-positive that advanced persistent threats are deeply evil - and highly efficient when coupled with other complimentary and stealth-like methodologies (aka Hiding in Plain Sight). Read on...