@campuscodi@mastodon.social

campuscodi, to random

Newsletter: https://riskybiznews.substack.com/p/uk-summons-russian-ambassador-over-hacking
Podcast: https://risky.biz/RBNEWS232/

-UK summons Russian ambassador over hacking campaigns
-US charges two FSB APT members
-Former security exec sues Twitter
-Reuters temporarily removes Appin hacker-for-hire article
-23AndMe activates the lawyers
-Meta rolls out E2EE for Messenger
-Law enforcement have been using push notifications for surveillance
-VPN users explode in Russia
-Windows 12 to come in June 2024
-Chrome 120 is out
-CISA recommends memory-safe langs

campuscodi,

Plus:

-Crypto-exchange CEO pleads guilty for laundering ransomware funds
-Proxy providers behind Rappler DDoS attacks
-Malware reports on Krasue, Csharp-streamer RAT, Qilin
-APT reports on Lazarus, UAC-0050, APT28, Teal Kurma
-Russian info-op uses celebrities
-WordPress patches rare RCE
-Sierra21 vulnerabilities
-Chromecast jailbreak
-Vulns in Surys4, SonicWall, Zyxel NAS, Atlassian
-New Bluetooth vulnerability
-AutoSpill attack on password managers
-New Pool Party technique
-New Microsoft CISO

campuscodi, to random

Is Twitch just endless commercials now?

campuscodi, to random

PwC's security team has published a report going over SnappyTCP, a Linux reverse shell used in attacks by the Teal Kurma (Sea Turtle) APT: https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/tortoise-and-malwahare.html

Previous reporting linked the group to Türkiye.

campuscodi, to random

Meta has started enabling end-to-end encryption (E2EE) conversations for all Facebook Messenger users.

The company says the roll-out phase will take a few months to complete, but it will cover all of its one billion Messenger users.

https://about.fb.com/news/2023/12/default-end-to-end-encryption-on-messenger/

campuscodi, to random

Atlassian has released four security updates to patch RCE vulnerabilities across several products.

They're all pretty bad, so patch ASAP.

https://confluence.atlassian.com/security/december-2023-security-advisories-overview-1318892103.html

campuscodi,

It appears this is also the first time Star Blizzard has been formally linked to the FSB's Center 18, marking the group's official dox!

Congrats FSB Center 18! Big day! :thinkerguns: 🥳

campuscodi,

No US Treasury sanctions yet. Gonna check throughout the day and let you know.

campuscodi,

Here are the US Treasury sanctions against Star Blizzard members: https://home.treasury.gov/news/press-releases/jy1962

DOJ charges are apparently coming soon too: https://www.justice.gov/opa/pr/two-russian-nationals-working-russias-federal-security-service-charged-global-computer

$10mil reward is up as well

campuscodi, to random

Just a reminder that even if you get the RiskyBizNews newsletter via email, you can always find it on the web at https://riskybiznews.substack.com

The web version is better because I will often update it to fix typos, broken links, or add better links (i.e., English coverage for some articles that appeared in local press).

campuscodi, to random

The amount of Russian propaganda in the social media and news site comments in Romania is absolutely staggering.

Literally everything is about the "evil EU" and the "degenerate left."

It could be an article about sports or cooking, it's still the EU or the left's fault somehow.

campuscodi, to random

Security firm Group-IB has discovered a new Linux malware strain that has been secretly infecting systems since at least 2021.

Named Krasue, the malware is primarily used to serve as initial access for other cybercrime operations.

Group-IB says the botnet appears to have been created by the author of the infamous XorDDoS malware or at least by someone who had access to its original source code.

https://www.group-ib.com/blog/krasue-rat/

campuscodi, to random

The CEO of the Bitzlato cryptocurrency exchange has pleaded guilty to money laundering-related charges

(this is the exchange used by Conti to convert stolen funds to rubles)

https://www.justice.gov/opa/pr/founder-and-majority-owner-cryptocurrency-exchange-pleads-guilty-unlicensed-money

campuscodi, to random

CISA has published its second Secure by Design alert, with this one urging software developers to transition to memory-safe programming languages.

https://www.cisa.gov/case-memory-safe-roadmaps

campuscodi, to random

WordPress 6.4.2 is out.

It's a security update that fixes an extremely RCE in the CMS

https://wordpress.org/news/2023/12/wordpress-6-4-2-maintenance-security-release/

campuscodi, to random

DirectDefense have developed a three-exploit jailbreak for Chromecast

https://www.directdefense.com/executing-a-chromecast-exploit-times-three/

campuscodi, to random

SecurityScorecard has identified six IP addresses used by Iranian group CyberAv3ngers to scan the internet for unsecured Unitronics PLCs.

https://securityscorecard.com/blog/iran-linked-attack-on-us-water-treatment-station/

campuscodi,

Oh, I'm sorry.... I must use the BlackBerry method

[redacted].36[.]82
[redacted].130[.]35
[redacted].104[.]53
[redacted].73[.]176
[redacted].107[.]183
[redacted].233[.]120

campuscodi, to random

The DOD IG has published a document with 24 recommendations for addressing cybersecurity vulnerabilities among DoD contractors.

https://www.dodig.mil/In-the-Spotlight/Article/3606048/press-release-special-report-common-cybersecurity-weaknesses-related-to-the-pro/

campuscodi, to random

Newsletter: https://riskybiznews.substack.com/p/us-government-agencies-lag-on-logging
Podcast: https://risky.biz/RBNEWS231/

-US government agencies lag on logging compliance
-Windows 10 gets three years of paid security updates
-Andariel steals South Korea's laser weapons secrets
-There are still 23,000 backdoored Cisco IOS XE devices
-New SLAM CPU attack disclosed
-15k Go packages vulnerable to repo-jacking
-1.6k Hugging Face API tokens leak online
-HIBP is 10 years now (Feel old yet?)
-ColdFusion zero-day exploited against US govt

campuscodi, to random

New CPU attack just dropped: SLAM

https://www.vusec.net/projects/slam/

campuscodi, to random

CISA says a threat actor has compromised US govt systems via an Adobe Cold Fusion vulnerability.

The vuln was a zero-day when patched in March, but CISA says the attacks took place in June/July... so apply patches

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-339a
