Tag Archive for: mercenaries

Iran’s Lyceum threat group active against telcos, ISPs. Clop hits unpatched SolarWinds instances. Mercenaries. Patch Tuesday.


Attacks, Threats, and Vulnerabilities

Iranian cyber group targets Israel, Saudis, Africans – report (The Jerusalem Post | JPost.com) An Iranian hacker group called Lyceum has targeted Israel, Saudi Arabia, Morocco, Tunisia and others.

Exclusive: A Cyber Mercenary Is Hacking The Google And Telegram Accounts Of Presidential Candidates, Journalists And Doctors (Forbes) An unprecedented peek inside an underground hacker-for-hire operation reveals 3,500 targets, including Belarusian presidential candidates, Uzbek human rights activists and a cryptocurrency exchange.

Clop gang exploiting SolarWinds Serv-U flaw in ransomware attacks (BleepingComputer) The Clop ransomware gang, also tracked as TA505 and FIN11, is exploiting a SolarWinds Serv-U vulnerability to breach corporate networks and ultimately encrypt its devices.

TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access (NCC Group Research) NCC Group’s global Cyber Incident Response Team has observed an increase in Clop ransomware victims in the past weeks. The surge can be traced back to a vulnerability in SolarWinds Serv-U that is being abused by the TA505 threat actor. TA505 is a known cybercrime threat actor, who is known for extortion attacks using the Clop ransomware. We believe exploiting such vulnerabilities is a recent initial access technique for TA505, deviating from the actor’s usual phishing-based approach.

Russian Cybercrime Group Exploits SolarWinds Serv-U Vulnerability (SecurityWeek) The Russia-linked ‘Evil Corp’ cybercrime group has been exploiting a vulnerability in SolarWinds Serv-U for initial infection.

Vulnerable smart contracts and fake blockchains: What do investors need to know? (Digital Shadows) Well, here we are again. Another blog on a topic that’s often spoken about but little understood: cryptocurrency. Cryptocurrency-related decentralized finance (DeFi) is seeing unprecedented interest from retail and institutional investors alike.

FBI: Scams Involving Cryptocurrency ATMs and QR Codes on the Rise (SecurityWeek) The Federal Bureau of Investigation (FBI) this week issued an alert on fraud schemes that direct victims to use cryptocurrency ATMs and Quick Response (QR) codes to…

Microsoft, Google, WhatsApp vs Cyber Mercenaries, and Your Cyber Security


Earlier this week, Tom Burt, corporate vice president of ‘customer security and trust’ at Microsoft, published a blog post expressing the company’s support for WhatsApp in its legal battle against the Israeli NSO Group. With this, Microsoft officially joined a league of the world’s most prominent technology companies in fighting cyber mercenaries. The case harks back to the notorious Pegasus hack that ran riot on WhatsApp, targeting journalists and human rights activists on behalf of governments. The term itself seems about right, referring to Tim Maurer’s novel titled Cyber Mercenaries – The State, Hackers and Power.

The intention, hence, is pretty clear – technology companies are sitting up and officially taking note of the present cyber security climate. Organisations such as the NSO Group have to date flaunted governmental immunity, stating that they build specialised and highly sophisticated cyber espionage tools at the request of nations. These tools, in turn, are used by national governments to carry out strategic cyber warfare on targets. As a result, the NSO Group has so far claimed immunity from legal prosecution, citing its contribution to state-backed cyber operations as classified information. Now, technology majors such as the Facebook-owned WhatsApp, along with Google, Cisco, VMWare and now Microsoft, have joined the fray.

The state of today’s cyber security

Such a move may not result in immediate, direct benefits in prosecuting cyber threat actors, especially those with nation-backed funds and motives. However, it underlines the state of cyber security around the world today. Keeping aside the major privacy issues of Big Tech, cyber threats today exist in consumer apps strewn across Android’s Google Play Store, and in numerous third-party websites. These threats include spyware such as Pegasus, which often deploys zero-click tactics and exploits zero-day vulnerabilities to secretly install itself on smartphones.

Such attacks then deploy common cyber attack tactics, such as privilege escalation, to gain high-level access on devices. Such access, like what NSO’s Pegasus took in systems it infiltrated via WhatsApp, would allow this spyware to gain…

A New Age of Warfare: How Internet Mercenaries Do Battle for Authoritarian Governments – The New York Times

Sophisticated surveillance, once the domain of world powers, is increasingly available on the private market. Smaller countries are seizing on the tools …

A New Age of Warfare: How Internet Mercenaries Do Battle for Authoritarian Governments

“Now, clearly there is a market for it,” said Mr. Johnston, the security expert. He worked in the military … The Justice Department’s case, run by prosecutors in Washington, focuses on internet fraud …