My Weekly Roundup #144
A DDoS attack took down Finnish govt sites as Ukraine’s President addresses MPs
A massive DDoS attack took down Finnish government websites while Ukrainian President Zelenskyy addressed Finland’s members of parliament (MPs). On April 8, a denial-of-service attack took down the websites of the Finnish ministries of Defense and Foreign Affairs.
New security features for Windows 11 will help protect hybrid work
Attackers haven’t wasted any time capitalizing on the rapid move to hybrid work. Every day cybercriminals and nation-states alike have improved their targeting, speed, and accuracy as the world adapted to working outside the office.
Dark Web OSINT Tool
Open Source Intelligence Tool for the Dark Web ___
Satellite (In)security: Vulnerability Analysis of Wideye SATCOM Terminals
This blog post introduces our most recent whitepaper detailing original research into two SATCOM terminals manufactured by Addvalue Technologies, Ltd.: the Wideye iSavi and Wideye SABRE Ranger 5000.
Telegram OSINT: Generating a data ‘backbone’ for investigation
With Telegram growing ever more popular, vast amounts of data are being generated which we can use to map trends and fuel investigations. While most topics I discuss tend to focus on smaller granular cases, I want to cover an important topic.
Azure Active Directory Exposes Internal Information
Microsoft Azure Active Directory (Azure AD) is an identity and access management solution used by over 88 percent of Fortune 500 companies as of this publication. This market penetration makes Azure AD a lucrative target for threat actors.
QuickBuck - Ransomware Simulator
QuickBuck - Ransomware Simulator
Threat Spotlight: AsyncRAT campaigns feature new version of 3LOSH crypter
3LOSH continues to be under active development and in use by threat actors distributing a variety of commodity RATs.
MITRE Engenuity ATT&CK Tests
By developing a common language to arm analysts with a standard to describe attacks, MITRE ATT&CK has become a critical knowledgebase for cyber defenders, ultimately improving security efficiency and response time.
Legacy systems still in use: making a cybersecurity case for modernisation
What does the term “Legacy Systems” mean to you? What image does it conjure up? Well, the word “legacy” can mean “something transmitted by or received from an ancestor or predecessor or from the past.
FIN7 Power Hour: Adversary Archaeology and the Evolution of FIN7
Recent public research asserts threat groups sharing overlaps with FIN7 transitioned to targeted ransomware operations involving REVIL, DARKSIDE, BLACKMATTER, and ALPHV ransomware.
Account Takeover Attacks Predicted to Increase in 2022
CyberEdge Group just released the 2022 Cyberthreat Defense Report, an annual survey of 1200 IT security professionals in 17 countries across 19 industries.
Always update Safari on your iPhone
Lots of iPhone users aren’t crazy about the iOS built-in browser, Safari, and prefer to use an alternative — Google Chrome, Mozilla Firefox, or even something more exotic like DuckDuckGo, Brave or Microsoft Edge (yes, there’s Edge for iOS!).
Fresh TOTOLINK Vulnerabilities Picked Up by Beastmode Mirai Campaign
Between February and March 2022, our FortiGuard Labs team observed that the Beastmode (aka B3astmode) Mirai-based DDoS campaign has aggressively updated its arsenal of exploits. Five new exploits were added within a month, with three targeting various models of TOTOLINK routers.
Emma Sleep Company admits checkout cyber attack
Emma Sleep Company has confirmed to The Reg that it suffered a Magecart attack which enabled ne’er-do-wells to skim customers’ credit or debit card data from its website.
Deep Dive Analysis – Borat RAT
Remote Access Trojan Capable of Conducting Ransomware & DDOS Activities A Remote Access Trojan or RAT is a tool used by Threat Actors (TAs) to gain full access and remote control on a user’s system, including mouse and keyboard control, files access, and network resources access.
11 Strategies of a World-Class Cybersecurity Operations Center
If you are getting started in cybersecurity operations, evolving your existing security operations center (SOC), or engaging with a SOC regularly, MITRE offers free downloads of 11 Strategies of a World-Class Cybersecurity Operations Center—both for the 20-page summary document and the full textbook.
Additional improvements for Google Meet
Prompts to exit meetings when you’re the only user in a meeting. A centralized location for host management controls. See below for more information.
Return to Monkey Island | Coming 2022
Announcing Return to Monkey Island, the long-awaited follow-up to the legendary Secret of Monkey Island and Monkey Island 2: LeChuck’s Revenge by Ron Gilbert’s Terrible Toybox in collaboration with Devolver Digital and Lucasfilm Games, coming 2022.
Here’s how much it could cost to rent the iPhone with the rumored subscription program
Apple already has an iPhone Upgrade program that spreads out the cost of a phone over 24 months. Once you are done with the payments, the phone becomes yours. The rumored iPhone subscription service would be more of a rental program and you will never actually own the device.
Apple’s Huge iPhone Mistake—Bad News For 1 Billion Users
As Apple counts down the months to the launch of iPhone 14 and iOS 16, it suddenly risks a repeat of last year, when its launch plans were almost derailed by a controversial plan to scan iPhone content.
Clearview AI Fined in Italy, Starts Scanning Dead Russian Soldiers in Ukraine
Ever since the facial recognition company Clearview AI appeared from nowhere two years ago, it has remained at the leading edge of its field, not least in terms of ethics.
First ‘Star Trek: Lower Decks’ season three trailer teases a starship hijacking
Amid the deluge of all the Star Trek shows CBS has produced since bringing the franchise back to TV in 2017, Lower Decks has stood out for its fun and smart take on Gene Roddenberry’s sci-fi universe.
YouTube channels of Taylor Swift, Justin Bieber, Harry Styles, and other musicians compromised
Some of the biggest stars around have seen content placed on their YouTube accounts without permission over the last couple of days. Taylor Swift has around 40 million subscribers. Justin Bieber? 68 million. Harry Styles, a respectable 12 million.