On Tuesday, August 29, 2023, the Federal Bureau of Investigations Los Angeles announced that they and other international partners disrupted the Qakbot malware infrastructure in a successful takedown. First things first, this is awesome!!!
Raising Online Defenses Through Transparency and Collaboration | Meta
We're sharing a look into our defense strategy and the latest news on how we build it into our products. A recent study shows that de-platforming hate networks reduces consumption and production of hateful content on Facebook and diminishes the ability of these hate networks to operate online. We’re sharing new threat research on two of the largest known covert influence operations in the world from China and Russia, targeting 50+ apps and countries, including the US. * We added new transparency features to Threads, including state-controlled media labels to help people know exactly who they interact with on the new app.
It Costs Just $400 to Build an AI Disinformation Machine
A developer used widely available AI tools to generate anti-Russian tweets and articles. The project is intended to highlight how cheap and easy it has become to create propaganda at scale.
Xplain: les données de procédures pénales en cours sont sur le darknet
Suite à l’attaque contre le prestataire Xplain, des données sensibles issues des enquêtes du Parquet fédéral sont sur le dark web, selon les d'investigation du quotidien Le Temps. Une procédure de mise à jour d’un logiciel de Fedpol ne se serait pas déroulée comme le prévoit un protocole pourtant mis en place.
Qakbot botnet infrastructure shattered after international operation
Active since 2007, this prolific malware (also known as QBot or Pinkslipbot) evolved over time using different techniques to infect users and compromise systems. Qakbot infiltrated victims’ computers through spam emails containing malicious attachments or hyperlinks. Once installed on the targeted computer, the malware allowed for infections with next-stage payloads such as ransomware. Additionally, the infected computer became part of...
The Cheap Radio Hack That Disrupted Poland’s Railway System
The sabotage of more than 20 trains in Poland by apparent supporters of Russia was carried out with a simple “radio-stop” command anyone could broadcast with $30 in equipment.
Qakbot botnet dismantled after infecting over 700,000 computers
Qakbot, one of the largest and longest-running botnets to date, was taken down following a multinational law enforcement operation spearheaded by the FBI and known as Operation 'Duck Hunt.'
Attacks on Citrix NetScaler systems linked to ransomware actor
A threat actor believed to be tied to the FIN8 hacking group exploits the CVE-2023-3519 remote code execution flaw to compromise unpatched Citrix NetScaler systems in domain-wide attacks.
Discover the lifecycle of a commercial web traffic filtering service originating from a GitHub project and how it found success within phishing operations, including how it evolved into a commercial platform offering under new branding.
we continue our series on stalkerware with a write-up and batch of data sent to me by a source last night. this time it is the brazilian ownspy (aka webdetective and saferspy, by mobileinnova) that has been completely hacked. among other things ownspy claims to be the #1 most privacy focused "parental control app" allegedly featuring E2E encryption, if this sounds too good to be true that's because it mostly is, but more on that later.
GTA 6 Hacker Found To Be Teen With Amazon Fire Stick In Small Town Hotel Room
International cybercrime, as portrayed by the movies and mass media, is a high-stakes game of shadowy government agencies and state-sponsored hacking groups. Hollywood casting will wheel out a charact...
The Rust Security Response WG and the crates.io team were notified on 2022-05-02 of the existence of the malicious crate rustdecimal, which contained malware. The crate name was intentionally similar to the name of the popular rust_decimal crate, hoping that potential victims would misspell its name (an attack called "typosquattin
Poland investigates cyber-attack on rail network - BBC News
olish intelligence services are investigating a hacking attack on the country's railways, Polish media say. Hackers broke into railway frequencies to disrupt traffic in the north-west of the country overnight, the Polish Press Agency (PAP) reported on Saturday. The signals were interspersed with recording of Russia's national anthem and a speech by President Vladimir Putin, the report says.
Met Police admits details of officers at risk of exposure after warrant card supplier was hacked
The security breach took place when cybercriminals successfully breached the IT systems of a contractor in charge of producing warrant cards and staff passes.
CVE-2023-36844 And Friends: RCE In Juniper Devices
As part of our Continuous Automated Red Teaming and Attack Surface Management technology - the watchTowr Platform - we're incredibly proud of our ability to discover nested, exploitable vulnerabilities across huge attack surfaces. Through our rapid PoC process, we enable our clients to understand if they are vulnerable to emerging
Lazarus Group exploits ManageEngine vulnerability to deploy QuiteRAT
This is the third documented campaign attributed to this actor in less than a year, with the actor reusing the same infrastructure throughout these operations.
Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders – Sophos News
Compromised credentials are a gift that keeps on giving (your stuff away) MFA is your mature, sensible friend Dwell time is sinking faster than RMS Titanic Criminals don’t take time off; neither can you
Active Directory servers: The ultimate attacker tool RDP: High time to decline the risk Missing telemetry just makes things harder
Resecurity | Cl0p Ups the Ante with Massive MOVEit Transfer Supply-Chain Exploit
The supply-chain cyberattack that targeted Progress Software’s MOVEit Transfer application has compromised over 963 private and public-sector organizations worldwide. The ransomware group, Cl0p, launched this attack campaign over Memorial Day weekend. Some higher-profile victims of the hack include Maximus, Deloitte, TIAA, Ernst & Young, Shell, Deutsche Bank, PricewaterhouseCoopers, Sony, Siemens, BBC, British Airways, the U.S. Department of Energy, the U.S. Department of Agriculture, the Louisiana Office of Motor Vehicles, the Colorado Department of Health Care Policy and Financing, and other U.S. government agencies. Thus far, the personal data of over 58 million people is believed to have been exposed in this exploit campaign.
Fake Roblox packages target npm with Luna Grabber information-stealing malware
ReversingLabs researchers have identified more than a dozen malicious packages targeting Roblox API users on the npm repository. This latest campaign recalls a 2021 attack.
Genève: Un élu a farfouillé sans droit dans les fichiers de la justice
Le conseiller administratif d’une petite commune a été condamné pour violation du secret de fonction. Il avait utilisé son emploi au Pouvoir judiciaire pour se renseigner au sujet d’une plainte pénale.
