Monday, Aug 29, 2022 // (IG): BB //Sponsor: ShadowNews
Twilio Breach Also Compromised Authy Two-Factor Accounts of Some Users
FROM THE MEDIA: Twilio, which earlier this month became the target of a sophisticated phishing attack, disclosed last week that the threat actors also managed to gain access to the accounts of 93 individual users of its Authy two-factor authentication (2FA) service. The communication tools company said the unauthorized access made it possible for the adversary to register additional devices to those accounts. It has since identified and removed the illegitimately added devices from the impacted accounts. Authy, acquired by Twilio in February 2015, allows safeguarding online accounts with a second security layer to prevent account takeover attacks. It's estimated to have nearly 75 million users.
READ THE STORY: THN
Takeovers Panel model could help with $42b cyber crisis
FROM THE MEDIA: John Macpherson calls it the moment of panic. The former hostage negotiator and current head of Ashurst’s cyber risk consulting practice says companies under cyber attack generally start from the position that they won’t pay a ransom. But as the pressure builds, their resolve starts to crack. “In the heat of battle in the war room, they get to a moment of panic. You’re dealing with a situation where all of your operations are down, a lot of your data has been stolen and it’s sitting on the dark web, and you’re under intense pressure from a threat actor to pay.
READ THE STORY: Financial Review
DoorDash Admits Personal Information of Customers Were Stolen After Data Breach
FROM THE MEDIA: On Wednesday, Aug. 24, food delivery company DoorDash admitted that it was one of the 130 organizations targeted by 0ktapus, and the data breach had compromised the personal information of its customers. According to Mashable, DoorDash's data breach happened right after 0ktapus hacked into Twilio's system, stealing the company's login credentials. After the incident, the food delivery company confirmed that the personal information of its customers was stolen, including their names, delivery addresses, email addresses, phone numbers, and partial credit card information.
READ THE STORY: TechTimes
Hacker used compromised developer account to steal LastPass source code and proprietary data
FROM THE MEDIA: LastPass, a popular password management services provider with more than 33 million global users, including over 100,000 business customers, confirmed recently that it identified unusual activity in some areas of its development environment a couple of weeks ago. Upon detecting the suspicious activity, the company initiated an investigation that confirmed that a threat actor gained access to portions of the LastPass development environment by using a compromised developer account and stole portions of source code and some proprietary LastPass technical information. “After initiating an immediate investigation, we have seen no evidence that this incident involved any access to customer data or encrypted password vaults,” LastPass said.
READ THE STORY: TEISS
LockBit ransomware gang gets aggressive with triple-extortion tactic
FROM THE MEDIA: LockBit ransomware gang announced that it is improving defenses against distributed denial-of-service (DDoS) attacks and working to take the operation to triple extortion level. The gang has recently suffered a DDoS attack, allegedly on behalf of digital security giant Entrust, that prevented access to data published on its corporate leaks site. Data from Entrust was stolen by LockBit ransomware in an attack on June 18, according to a BleepingComputer source. The company confirmed the incident and that data had been stolen.
READ THE STORY: Bleeping Computer
EmergeOrtho notifying 75,200 patients about ransomware incident
FROM THE MEDIA: EmergeOrtho in North Carolina has started sending notification letters to patients whose protected health information may have been accessed during a ransomware attack in May. According to a notification template seen by DataBreaches, EmergeOrtho discovered and blocked a ransomware attack on May 18. Their letter does not specifically state whether any files were encrypted, and they do not state what the ransom demand was or who the attackers were. Patient information that may have been accessed included first and last name, address, Social Security number, and, in some cases, date of birth.
READ THE STORY: Data Breaches
New York medical practices hit by “Bl00dy Ransomware Gang”
FROM THE MEDIA: In July, a new channel appeared on Telegram called the “Bl00dy Ransomware Gang.” In August, information about alleged victims started to appear. So far, the gang has leaked some data allegedly from three victims in two incidents. In each case, there is some confirmation that the victims may have been attacked, but there is no confirmation from the named victims that this group attacked them. Here’s what we know so far: One of the claimed victims is a medical practice in New York called Primary Care of Long Island (PCOLI). PCOLI was added to the Telegram channel on August 7. A second website, oncallpractice.com, was also listed as part of the same incident. Both businesses are listed at 820 Suffolk Avenue, Brentwood, in a building that houses several medical and dental practices.
READ THE STORY: Data Breaches
NATO Probes Hackers Selling Data from Top Missile Firm MBDA
FROM THE MEDIA: A cybercrime gang is selling classified data apparently stolen from European firm MBDA Missile Systems. For your information, MBDA is a European company that produces missiles and other weapons. It was formed in 2001 from a merger of French, Italian, and British companies. MBDA is the world’s second-largest missile maker after Boeing. The company has three main product lines: air-to-air missiles, air-to-surface missiles, and surface-to-air missiles. Its products are used by the militaries of more than 40 countries.
READ THE STORY: HackRead
How a retired MI6 boss, his Brexiteer friends and a celebrity Marxist became targets in Russia’s war on Ukraine
FROM THE MEDIA: In the disinformation drive around the war in Ukraine, even eccentric academics lunching with their grandsons can become collateral damage. At first glance, Gwythian Prins, a professor at the London School of Economics, seems an unlikely target for Russian hackers seeking to discredit the British government. Yet the faceless hackers who broke into and published Prins' personal emails revealed not only harmless discussions of his day-to-day life — including family lunches in rural England — but also extraordinary claims about an establishment plot to control the British government.
READ THE STORY: Politico
Giant 3D Printer Aims to Produce Life-Sized Boat
FROM THE MEDIA: As 3D printers become more ubiquitous, the number of custom designs and styles of printers has skyrocketed. From different printing materials and technologies to the movements of the printing head, we’ve seen all kinds of different takes on these tools. But one thing that has been largely limited to commercial and industrial use has been large print sizes — leaving consumer level prints to be split into several pieces to fit together later. Not so with this giant 3D printer from [Ivan], though.
READ THE STORY: Hackaday
NATO cannot allow Russia to absorb Ukraine if it wants to prevent rogue regimes from launching copycat attacks against the Western world order
FROM THE MEDIA: This week marks half a year since Vladimir Putin’s forces invaded Western-backed Ukraine. That means this war is now the longest interstate high-intensity conflict to be fought in the post-Cold War era. With each passing day, it looks more and more like a violent confrontation between the global centers of military, political and philosophical power. Effectively, we have another world war unfolding. This new conflict looks distinct and feels different to previous wars, which were fought on a global scale. Still, this is a de facto world war unfolding before us.
READ THE STORY: Skynews
How to shut down the internet – and how to fight back
FROM THE MEDIA: Internet shutdowns come in different forms, ranging from the hammer of a complete blackout to screwdriver-style arrangements targeting certain populations. These are some methods used by governments around the world to switch off the internet. The nuclear option. On 5 August 2019, India’s Hindu Nationalist government revoked the special status of the Kashmir region, unilaterally wiping out its autonomy. It also sent in thousands of army troops and severed internet, mobile and telephone connections. The region would remain offline for 552 days, the world’s longest shutdown to date.
READ THE STORY: The Guardian
Swiss Secret Service Worried About Russian Cyber Operations
FROM THE MEDIA: The Federal Intelligence Service (FIS) is concerned that Russia could use Swiss servers as part of campaigns to destabilize western democracies, according to a newspaper report. This content was published on August 28, 2022 (SonntagsBlick/swissinfo.ch). An internal FIS document, seen by the SonntagsBlick, says a direct attempt to influence Swiss parliamentary elections next year is unlikely. However, it is “likely that future Russian cyber-attacks on other western elections could use Swiss-based servers”.
READ THE STORY: MENAFN
Vulnerable U.S. electric grid facing threats from Russia and domestic terrorists
FROM THE MEDIA: If there's one thing we can't live without in our modern world, it's electricity. It provides heat and light, pumps water and fuel, refrigerates food, and breathes life into our TVs, computers and phones. So it is no surprise the North American electric grid, which creates, moves and delivers our electricity, is considered the most critical part of our critical infrastructure. What is surprising is the nature of the grid itself: a hodge-podge of public and privately-owned, half-century-old tech, that is increasingly vulnerable to severe weather, cyber-attacks, and even physical assaults.
READ THE STORY: CBSNEWS
FBI agent says Russia uses cyber attacks against US, possible Minnesota victims
FROM THE MEDIA: The Ukraine war is half a world away, but a high-ranking FBI agent told 5 EYEWITNESS NEWS the effects could be hitting much closer to home than you think. FBI agent, Michael Paul, told 5 EYEWITNESS NEWS in a one-on-one interview three weeks ago that “Russia is using that [the Ukraine war] as sort of an impetus to, again, conduct attacks on entities in the United States.” Paul made that statement, and others, on Aug. 3 when he was the Special Agent-in-Charge of the Minneapolis Field Office. He has since been promoted to Assistant Director of the Operational Technology Division at FBI headquarters in Washington, D.C.
READ THE STORY: KSTP
DuckDuckGo's Email Protection Service Now Available for Everyone to Use
FROM THE MEDIA: The free tracking interceptor service is now available for the public so they can get their own @duck.com email address. Up to 320 billion spam emails are sent every day, and up to 94% of malware is delivered through spam emails. In addition, more than half of all global email traffic is spam, which is why email users are often left to rely on their email provider's spam protection technologies or fend for themselves. But now, tech developers like DuckDuckGo are addressing the need for better spam protection.
READ THE STORY: iTechpost
LAPSUS$ – Real Threat or Minor Menace?
FROM THE MEDIA: Here’s an event we didn’t have on our 2022 cybersecurity incident bingo card – a gang of teenagers (known as LAPSUS$) crowdsourcing which major tech companies to threaten. But this unexpected development has shown us an interesting evolution in the type of tactics criminals use to decide which victim to target, as well as the information-gathering process prior to attacks. LAPSUS$ is a data extortion gang that apparently started in South America and includes members in other countries, including the UK. They’ve compromised several public and private entities in Brazil and other Latin American countries and have recently gained greater notoriety by compromising several high-profile companies in the technology sector.
READ THE STORY: TechNative
US drones entering Afghanistan through Pakistan, claim Taliban
FROM THE MEDIA: Taliban’s interim Defense Minister Mullah Yaqub Sunday claimed that the US drones were entering their country from Pakistan. Narrating the one-year performance of the ministry alongside the Army Chief Mullah Fasih Uddin and the spokesperson for the ministry at a press conference in Kabul, Yaqub said: “We hadn’t caught all routes of the drones but our intelligence reported that the United States drones were entering through Pakistan.” “We demand that Pakistan does not allow its air space to be used by the US,” he said, adding that the Islamic Emirate of Afghanistan’s (IEA) radar system was destroyed when the Americans evacuated the country last year in August.
READ THE STORY: Dailytime - PK
China Deploys Rain-Seeding Drones to End Drought in Sichuan
FROM THE MEDIA: China is using two massive drones to seed rainclouds in Sichuan province to try to end a devastating drought that has choked power output and disrupted supply chains of global giants like Apple Inc. and Tesla Inc. The China Meteorological Administration launched drones in northern and southeastern Sichuan on Thursday morning, and the aircraft will eventually cover an area of 6,000 square kilometers in operations lasting through Monday, state-owned CCTV reported.
READ THE STORY: Bloomberg // Slashdot
With Iranian drones, Russia complicates nuclear deal talks
FROM THE MEDIA: Russia has obtained hundreds of Iranian drones capable of being used in its war against Ukraine despite US warnings to Tehran not to ship them, according to Western intelligence officials. It’s unclear whether Russia has begun flying the drones against Ukrainian targets, but the drones appear to be operational and ready to use, said the officials, who spoke on condition of anonymity to discuss sensitive intelligence. The reported shipment marks the latest sign of what appears to be closer military cooperation between the longtime allies.
READ THE STORY: i-ITM
Swarm drones being inducted into mechanised forces of Indian Army
FROM THE MEDIA: The swarm drones system equipped with cutting-edge technology that can identify targets using artificial intelligence-driven software is being inducted into the mechanized forces of the Indian Army. Swarm drones consist of a number of drones controlled from the same station which can be programmed using an algorithm to carry out various tasks, including surveillance, sources said. The Indian Army on Friday took to Twitter and said the new system will provide an "edge" to it in meeting future "security challenges".
READ THE STORY: The Pioneer
Items of interest
GETTING THE TAIWAN POLICY ACT RIGHT
FROM THE MEDIA: When it comes to Taiwan, Beijing and Washington are talking past one another. So too are Americans themselves. Last month, infighting between Congress and the Biden administration spilled into public view before Speaker Nancy Pelosi’s trip to Taiwan. As one of us discussed in a recent War on the Rocks podcast episode, the same pattern could repeat on the Taiwan Policy Act, which is currently scheduled to be debated by the Senate next month.
The proposed law reflects a growing consensus that the United States should do more to help Taiwan defend itself from aggression from the People’s Republic of China. After all, Taiwan is a vibrant democracy, a global hub of innovation, and home to 23 million people. Taiwan’s leaders have shown remarkable resilience as Beijing has ramped up pressure on Taipei. Facing this onslaught, leaders in Congress are right to urgently take steps to support Taiwan.
READ THE STORY: War on the Rocks
You are being watched (Video)
FROM THE MEDIA: The machines are already tracking and watching you. And they're influencing you. The future looks bleak. Do you really want to live in a Skynet world?
The Mystery of the Middle East's Cyber Mercenaries Darknet Diaries Ep. 38: Dark Caracal (Video)
FROM THE MEDIA: The Kazakhstani government tried to silence a critical journalist. But when she also became the target of a phishing scam, tracking the hackers opened a rabbit hole into a massive but shoddy spying operation. Who was really behind it? And why was all the hacked data dumped onto the open Internet?
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com