The Taliban’s access to data. Bangkok Airways discloses data breach. FBI and CISA urge vigilance during Labor Day weekend.

The Taliban’s access to data.

The Taliban’s seizure of HIIDE (Handheld Interagency Identity Detection Equipment) biometric registration and identification devices aroused concern when it was first reported, but the risks of that loss, while real, seem likely to be limited. MIT Technology Review argues that a more serious matter is the insurgent government’s acquisition of APPS, the Afghan Personnel and Pay System used by the deposed government’s Ministries of Defense and the Interior. APPS data were unprotected by retention or deletion policies and were presumably seized intact.

Phorpiex botnet shuts down.

The Record reports that the Phorpiex botnet has shut down, and researchers at Cyjax have found that the botnet’s proprietors are offering the source code for sale. If you’re in the market, not that you would be, know that Phorpiex has a mixed reputation in the underworld. It’s been profitable, with its spam module and ability to hijack cryptocurrency clipboards being consistent moneymakers. Phorpiex has also hired its botnet out for use by ransomware operators, among them Avaddon, a gang that’s recently gone into occultation. On the other hand, Phorpiex’s own security has tended toward the slipshod, with other criminals able to either uninstall it or substitute their own payloads for those the proprietors intended.

Bangkok Airways discloses data breach.

Bangkok Airways disclosed that it’s been the victim of an attack that compromised passengers’ personal information, including name, “nationality, gender, phone number, email, address, contact information, passport information, historical travel information, partial credit card information, and special meal information.” ZDNet reports that the LockBit ransomware gang has claimed responsibility and threatened to release information if their ransom demands aren’t met. That data dump, the Register wrote Tuesday, has begun, as Bangkok Airways refused to pay the ransom. The size of the data dump is assessed variously as between 103GB and more than 200GB.

BleepingComputer reports that the gang also claims to have used credentials stolen from Accenture to access and encrypt files at an unnamed airport. That last brag, however, seems not to be…