Mastermind Behind Twitter 2020 Hack Pleads Guilty and Faces up to 70 Years in Prison
A U.K. national has pleaded guilty in connection with the July 2020 Twitter attack affecting numerous high-profile accounts and defrauding other users of the platform. Joseph James O’Connor, who also went by the online alias PlugwalkJoe, admitted to « his role in cyberstalking and multiple schemes that involve computer hacking, including the July 2020 hack of […]
U.S. Government Neutralizes Russia’s Most Sophisticated Snake Cyber Espionage Tool
The U.S. government on Tuesday announced the court-authorized disruption of a global network compromised by an advanced malware strain known as Snake wielded by Russia’s Federal Security Service (FSB). Snake, dubbed the « most sophisticated cyber espionage tool, » is the handiwork of a Russian state-sponsored group called Turla (aka Iron Hunter, Secret Blizzard, SUMMIT, Uroburos, Venomous Bear,
Microsoft’s May Patch Tuesday Fixes 38 Flaws, Including Active Zero-Day Bug
Microsoft has rolled out Patch Tuesday updates for May 2023 to address 38 security flaws, including one zero-day bug that it said is being actively exploited in the wild. Trend Micro’s Zero Day Initiative (ZDI) said the volume is the lowest since August 2021, although it pointed out that « this number is expected to rise in the coming months. » […]
U.S. Authorities Seize 13 Domains Offering Criminal DDoS-for-Hire Services
U.S. authorities have announced the seizure of 13 internet domains that offered DDoS-for-hire services to other criminal actors. The takedown is part of an ongoing international initiative dubbed Operation PowerOFF that’s aimed at dismantling criminal DDoS-for-hire infrastructures worldwide. The development comes almost five months after a « sweep » in December 2022 dismantled 48 similar services
Operation ChattyGoblin: Hackers Targeting Gambling Firms via Chat Apps
A gambling company in the Philippines was the target of a China-aligned threat actor as part of a campaign that has been ongoing since October 2021. Slovak cybersecurity firm ESET is tracking the series of attacks against Southeast Asian gambling companies under the name Operation ChattyGoblin. « These attacks use a specific tactic: targeting the victim companies’ […]
Product Security: Harnessing the Collective Experience and Collaborative Tools in DevSecOps
In the fast-paced cybersecurity landscape, product security takes center stage. DevSecOps swoops in, seamlessly merging security practices into DevOps, empowering teams to tackle challenges. Let’s dive into DevSecOps and explore how collaboration can give your team the edge to fight cyber villains. Application security and product security Regrettably, application security teams often intervene
Researchers Uncover SideWinder’s Latest Server-Based Polymorphism Technique
The advanced persistent threat (APT) actor known as SideWinder has been accused of deploying a backdoor in attacks directed against Pakistan government organizations as part of a campaign that commenced in late November 2022. « In this campaign, the SideWinder advanced persistent threat (APT) group used a server-based polymorphism technique to deliver the next stage payload, » […]
CERTFR-2023-ACT-020 : Bulletin d’actualité CERTFR-2023-ACT-020 (09 mai 2023)
Ce bulletin d’actualité du CERT-FR revient sur les vulnérabilités significatives de la semaine passée pour souligner leurs criticités. Il ne remplace pas …
Microsoft Warns of State-Sponsored Attacks Exploiting Critical PaperCut Vulnerability
Iranian nation-state groups have now joined financially motivated actors in actively exploiting a critical flaw in PaperCut print management software, Microsoft said. The tech giant’s threat intelligence team said it observed both Mango Sandstorm (Mercury) and Mint Sandstorm (Phosphorus) weaponizing CVE-2023-27350 in their operations to achieve initial access. « This activity shows Mint
New Ransomware Strain ‘CACTUS’ Exploits VPN Flaws to Infiltrate Networks
Cybersecurity researchers have shed light on a new ransomware strain called CACTUS that has been found to leverage known flaws in VPN appliances to obtain initial access to targeted networks. « Once inside the network, CACTUS actors attempt to enumerate local and network user accounts in addition to reachable endpoints before creating new user accounts and […]