Tag Archive for: Notes

Crypters in the C2C markets. Ransomware attacks continue. Canada will exclude Huawei from 5G. Notes from the hybrid war.


Dateline Moscow, Kyiv, Berlin, Rome, Washington, Beijing: Russia reconstitutes its forces, under pressure.

Ukraine at D+85: Russian attempts to reconstitute its forces, under pressure. (The CyberWire) Russian forces appear to be attempting to consolidate their positions in the Donbas and along the Azov coast while their government seeks to reconstitute the units that have taken severe personnel and equipment losses during the invasion of Ukraine. Cyber phases of the war continue to concentrate on disinformation and nuisance-level attacks, many of these conducted by nominal hacktivists.

Russia’s invasion of Ukraine: List of key events, day 86 (Al Jazeera) As the Russia-Ukraine war enters its 86th day, we take a look at the main developments.

Russia’s invasion of Ukraine: List of key events, day 85 (Al Jazeera) As the Russia-Ukraine war enters its 85th day, we take a look at the main developments.

Russia-Ukraine war: what we know on day 85 of the invasion (the Guardian) Russia says 1,730 fighters at Azovstal plant have surrendered since Monday; ‘culture of cover-ups’ in Russian military, says UK’s MoD

Russia could actually lose territory amid Ukraine war disaster (Newsweek) The U.S. ambassador to Ukraine said Russian troops could be expelled from more regions they had occupied, which raises the prospect of Moscow losing Crimea.

‘Now we get hit too’: Belgorod, the Russian city on the Ukraine frontline (the Guardian) Locals speak of a tense atmosphere after a number of attacks – and reports of Ukrainian saboteurs

Red Cross registers hundreds of Ukrainian POWs from Mariupol (AP NEWS) The Russian military said Thursday that more Ukrainian fighters who were making a last stand in Mariupol have surrendered, bringing the total who have left their stronghold to 1,730, while the Red Cross said it had registered hundreds of them as prisoners of war.

Ukrainian POWs Could Face Real Legal Jeopardy in Russia (World Politics Review) This week, speculation has been intense about the fate of the hundreds of Ukrainian soldiers who surrendered to Russia in Mariupol. While it is easy to dismiss Russia’s claims against the prisoners as propaganda, the Geneva Conventions would allow Russia to…


Analyst Notes – IC Consult & ICSynergy, Open Policy Agent and Consumer Identity Market Explosion


A few items that have popped into The Cyber Hut inboxes over the past week relating to funding and vendor news.

iC Consult Group Completes Acquisition of ICSynergy

iC Consult, a European consulting firm focused specifically on identity and access management, announced they had acquired US integrator ICSynergy. ICSynergy has been around since 2000 and is based out of Texas. They provide both IAM and PAM advisory services and LinkedIn lists 65 employees. Whilst an advisory outfit, they do have a “product” focus in the form of IdentityRM. This is a relationship management tool that looks to solve the complex interactions often found in B2X business models, which perhaps many classic IAM platforms fail to deliver against. iC Consult is the bigger of the 2 organisations by a magnitude, with nearly 300 employees according to LinkedIn and a broad focus across both B2E and B2C identity deployments.

The Challenges of OPA?

OPA (Open Policy Agent) has been around for a number of years and has seemingly taken the lead in the popularity stakes when it comes to microservices protection and “policy-as-code” style architectures. The Cyber Hut recently did a technology test drive of the project with its highly capable Rego language and deployment capabilities. However, as the number of deployments rockets, a secondary overlay industry is emerging, with numerous services providing user interface, policy management and governance services based on OPA.

See PlainID, Cloudentity and Scaled Access as some examples, but that is by no means the entire list, with of course the maintainers of OPA – Styra – providing an entire capability suite to support OPA.

A recent blog by authorization startup Aserto amplifies the talk track surrounding how policy code needs to be version controlled and distributed. An interesting secondary problem for those building more complex architectures with codified access control.

Consumer IAM market to reach $17.6 billion by 2026

Apparently the CIAM is going to be worth $17.6 billion in 4 years’ time. I can’t argue either way and I’m never really a fan of futurism when it comes to total addressable market sizes, however, there is no denying that…


Data breach extortion. Credential reuse risk. Blackswan zero-days. A Monero cryptojacker. Notes on the ransomware summit.


Attacks, Threats, and Vulnerabilities

Extortionist Hacker Group SnapMC Breaches Networks in Under 30 Minutes (SecurityWeek) Over the past few months, a threat actor has been increasingly breaching enterprise networks to steal data and extort victims, but without disrupting their operations

SnapMC skips ransomware, steals data (NCC Group Research) Over the past few months NCC Group has observed an increasing number of data breach extortion cases, where the attacker steals data and threatens to publish said data online if the victim decides not to pay. Given the current threat landscape, most notable is the absence of ransomware or any technical attempt at disrupting the victim’s operations.

Academics find Meltdown-like attacks on AMD CPUs, previously thought to be unaffected (The Record by Recorded Future) Two academic papers have been published over the past two months detailing new side-channel attacks in AMD processors that have eerily similar consequences to the Meltdown attack disclosed in early 2018, to which AMD CPUs were previously thought to be immune.

How Impersonation Attacks Fool Users (Avanan) Hackers use impersonated messages from reputable brands to fool users. In this case, scammers are impersonating DocuSign.

Once-in-a-decade discovery made by international cyber security company built by former spies (PR Newswire) Field Effect, a global cyber security company, has released details of their discovery of seven 0-day vulnerabilities in Microsoft Windows software and…

Blox Tales: Microsoft Defender Vishing Using AnyDesk (Armorblox) This blog focuses on a Microsoft Defender vishing campaign where attackers tried to get victims to download AnyDesk for an RDP attack.

Heads up: Verizon’s Visible MVNO accounts are getting hacked left and right (AndroidPolice) Users are reporting account hijacks, address changes, and unauthorized purchases

Apparent Verizon Visible hack was credential stuffing attack, says carrier [U] (9to5Mac) Multiple reports of an apparent Verizon Visible hack, with attackers changing shipping addresses, then ordering phones that are charged …

Verizon’s Visible confirms accounts were breached – report (FierceWireless) Some customer accounts for the…


Game source code sold online? Bloomberg renews claims of Chinese hardware backdoors. ICS advisories, notes. Bogus valentines. – The CyberWire


