This is probably one of the US security services checking up on the NYT and its sources.
Security vendor FireEye believes it's spotted signs that the attackers who breached the New York Times' network last year are busy again – and that they've improved the malware they're using. The vendor says the group, dubbed APT 12, has revised the Aumlib and "lxeshe" malware in the time between January and now. January was …
I ran across DeadDrop [github.io] the other day, which has been implemented by the New Yorker [newyorker.com] as StrongBox. Running on a logically and physically separate network from the corporate one, it is designed to give a secure pathway for anonymous communications between journalists and their sources. It would be good to see more journals, particularly the ones with a long and strong tradition of investigative journalism, implementing and improving on DeadDrop. It represents part of Aaron Swartz's software legacy (GPL Affero).
Gives 'em something to do...
The NYT certainly isn't doing much journalism.
(Icon for what they have up their butt)