Sunday, Sept 04, 2022 // (IG): BB //Sponsor: ShadowNews
Alleged Iranian threat actors leak the code of their CodeRAT malware
FROM THE MEDIA: The development team behind the remote access trojan (RAT) CodeRAT has leaked the source code of its malware on GitHub after the SafeBreach Labs researchers recently analyzed a new targeted attack aimed at Farsi-speaking code developers. The attackers used a Microsoft Word document that included a Microsoft Dynamic Data Exchange (DDE) exploit along with a previously undiscovered remote access trojan (RAT), tracked as CodeRAT by SafeBreach Labs researchers.
READ THE STORY: Security Affairs
Samsung says some data on US customers stolen
FROM THE MEDIA: In a statement Friday, the company said that on August 4th it discovered that in late July there had been what it calls “a cybersecurity incident that affected some customer information” held in its U.S. systems. That included names, dates of birth, contact and demographic information, and product registration information. The information accessed for each affected customer may vary.
READ THE STORY: LeaderPost
Hackers who hit Luxembourg turn on Italy
FROM THE MEDIA: A hacker group with links to Russia has claimed responsibility for a recent ransomware attack targeting Italy’s energy industry, which Rome says could be related to the Russian invasion of Ukraine. In a post published on the so-called dark web, the BlackCat group said it stole 700 gigabytes of data from networks controlled by Italy’s GSE energy agency, and threatened to publish the information online if its demands were ignored. The post was accompanied by several images of what appeared to be internal documents. The size of BlackCat’s extortion demand wasn’t immediately clear.
READ THE STORY: Luxembourg Times
'Blockchain is bunk': Crypto critics find their voice
FROM THE MEDIA: John Reed Stark helped launch the SEC’s Office of Internet Enforcement in 1998, at the height of the dot-com boom. Under Stark, the office’s founding chief, the team had the task of clamping down on securities fraud committed through the nascent but rapidly expanding web. The job was to go after the bad guys with the same technology they were using — technology that Stark found fascinating. “I was an internet evangelist,” he told Protocol. “I was out there talking about how incredible the internet was and how infinite the possibilities were.”
READ THE STORY: Protocol
Ukraine’s hackers: an ex-spook, a Starlink and ‘owning’ Russia
FROM THE MEDIA: Within hours of Russia invading Ukraine, Nikita Knysh rushed to join the resistance. He went to the Kharkiv office of his old employer, the Security Services of Ukraine (SBU), and begged for an assignment. But the city, only 30km from the Russian border, was in chaos.
READ THE STORY: FT
From Counterfeiting to Phishing: Cybersquatting Properties Target Network Device Makers
FROM THE MEDIA: Early last July 2022, news broke out about the arrest of a CEO who allegedly sold fake Cisco networking devices. While he used e-commerce sites as sales channels, the idea that counterfeit products are also peddled through cybersquatting domains is not too far-fetched. In fact, we demonstrated this at Europol’s 13th Operation In Our Sites (IOS), along with other organizations in the cybersecurity community. Aside from counterfeiting, cybersquatting domains can also serve as vehicles for other types of cybercrime, such as spear phishing, scams, and spamming.
READ THE STORY: CircleID
What happened to Kazaa, the P2P download program that triumphed at the beginning of the century thanks to the creators of Skype
FROM THE MEDIA: Between 2002 and 2004, KaZaa Media Desktop (just ‘KaZaa’ for friends) became ‘the sensation’ in the world of the Internet, and essential software on many home computers. Its functionality? Exchange files, especially music and video, but everything circulated there. After that brief moment of fame, it was forgotten in favor of other alternatives, and trace of it was lost for many users. But what happened to KaZaa?
READ THE STORY: Gear Rice
Hackers caused a massive traffic jam in Moscow using a ride-hailing app
FROM THE MEDIA: Hackers caused a major traffic jam in Moscow after exploiting the Russian ride-hailing app, Yandex Taxi, to summon dozens of taxis to the same location at the same time (via Vice). The attack occurred on September 1st and had traffic heading towards Kutuzovsky Prospect — an already busy boulevard — stuck at a standstill. A video showing lines of taxis seemingly trying to get to the same destination was shared widely on Twitter and Reddit on Thursday. While Moscow is known for its heavy traffic — it ranked number two as the world’s most congested city in the world last year — this incident wasn’t related to the capital city’s typical traffic patterns.
READ THE STORY: The Verge
IIT Roorkee, Uttarakhand Police Organises Devbhoomi Cyber Hackathon 2022
FROM THE MEDIA: The Indian Institute of Technology (IIT) Roorkee has collaborated with the Uttarakhand Police to organise the 'Devbhoomi Cyber Hackathon 2022'. The second edition of this hackathon aims to generate technology-based solutions for Strict and Sensitive, Modern and Mobile, Alert and Accountable, Reliable and Responsive, Techno-savvy and Trained (SMART) policing as per the vision of Prime Minister Narendra Modi. This four-day hackathon was inaugurated today, September 4, 2022. The event at IIT Roorkee was graced by guests from the Ministry of Home Affairs (MHA), central agencies, and state police.
READ THE STORY: NDTV
Drone Captures Images Of Mexican Drug Cartel Camp
FROM THE MEDIA: The first gunshots seemed to come down the mountain on the other side of Arizona’s border fence with Mexico, just east of Arivaca, where rival drug cartel factions battle to the death for supremacy. Sam, my security guide, listened closely as more shots rang out. They were hunters, no doubt, though not the kind you would typically expect. “Where exactly do you think the shots are coming from?” I asked Sam nervously from the back seat of his pickup truck.
READ THE STORY: NXTMINE
Russia's Sberbank to sell off sanctions-hit Swiss subsidiary
FROM THE MEDIA: The Swiss financial markets watchdog said Friday that Sberbank, one of Russia's largest banks, is selling its Swiss subsidiary, which had come under pressure because of international sanctions on Russian interests over the invasion of Ukraine. Sberbank (Switzerland) AG, which focuses on trade finance in commodities, was already facing liquidity problems after a first round of Western sanctions hit Russian interests earlier this year.
READ THE STORY: StarTribune
Russia, India motivated to ensure "uninterrupted" defense cooperation: Envoy
FROM THE MEDIA: The envoy told PTI that Russia's supply of S-400 Triumf surface-to-air missile systems to India is moving ahead "smoothly" as per the schedule and that both sides are maintaining "real-time" communication on critical issues relating to cooperation in the defense sector. Alipov's comments came in the backdrop of apprehensions in certain quarters in India that Russia's supply of key military systems and hardware, including the S-400 missile systems to the Indian armed forces, could be delayed due to the conflict in Ukraine.
READ THE STORY: ET India
How North Korean hackers keep the regime afloat
FROM THE MEDIA: A report released in mid-August by the US-based blockchain analysis company Chainalysis suggests that hackers stole $1.9 billion (€1.9 billion) in the first seven months of this year, up significantly from the $1.2 billion in cryptocurrencies such as Bitcoin, Ethereum, or Litecoin that was taken in the same period last year. And from the digital fingerprints left in the hackers' wake, the company estimates that more than $1 billion of the total was stolen by "bad actors affiliated with North Korea, especially elite hacking units like Lazarus Group."
READ THE STORY: DW
Hacker Steals Bill Murray’s Crypto After $185K NFT Charity Auction
FROM THE MEDIA: Hours after the closing of Bill Murray’s NFT auction that raised 119.2 ETH (around $185,000) for charity Thursday, a hacker stole the funds. The hacker started to drain Murray’s personal wallet at around 7:00 p.m. ET on Thursday, according to on-chain data from Etherscan and details from Murray’s team. The unknown individual also attempted to take non-fungible tokens from the actor’s personal collection. The high-profile hack showcases how even well-known celebrities can fall victim to crypto hackers and thieves. In Bill Murray’s case, though, the actor had the benefit of a wallet security team that protected him from the worst of the incident.
READ THE STORY: CoinDesk
This Tool Was Supposed To Detect Election Hacking. Now It's A Misinformation Target
FROM THE MEDIA: After the 2016 election – and Russian hacking attempts targeted at local election offices – hundreds of local governments across the country made changes. Among them, installing something called an Albert sensor. It's designed to warn of hacking attempts. But in Washington State, this cybersecurity tool has become the subject of suspicion on the political right. It's part of a trend that one voting expert described as "using the language of election integrity to dismantle the infrastructure of election integrity." The Northwest News Network's Austin Jenkins and NPR's Miles Parks explain what's happening.
READ THE STORY: NPR
Taiwan Shoots Down Chinese Drone in Its Airspace
FROM THE MEDIA: The Taiwanese military shot down a Chinese drone that entered its airspace on Thursday after the government vowed to take more direct action in responding to incursions, Taiwanese premier Su Tseng-chang said. The drone was an unidentified Chinese civilian machine that entered Taiwanese airspace “near the outlying Kinmen islands that sit next door to China’s Xiamen city,” according to the Taiwanese government. The country’s military used to only fire warning shots at such incursions into its airspace, but Taiwanese president Tsai Ing-wen ordered the Armed Forces on Tuesday to take “strong countermeasures” if needed.
READ THE STORY: NR
Domain spoofing on the rise as cybercriminals see some crypto sites as a ‘perfect target’
FROM THE MEDIA: The crypto industry has become synonymous with hacks. The blockchain intelligence firm Chainalysis found that criminal hackers stole approximately $3.2 billion in 2021—a 516% increase from 2020. With governments tackling ransomware attacks, hackers are turning to different techniques. A new report from cybersecurity company Bitdefender found that website spoofing—or attacks where cybercriminals create international domain names that imitate a target’s domain name—has become one of the most prevalent new strategies.
READ THE STORY: Fortune
Items of interest
Experts link Raspberry Robin Malware to Evil Corp cybercrime gang
FROM THE MEDIA: IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp.
Raspberry Robin is a Windows worm discovered by cybersecurity researchers from Red Canary; the malware propagates through removable USB devices.
The malicious code uses Windows Installer to reach out to QNAP-associated domains and download a malicious DLL. The malware uses TOR exit nodes as a backup C2 infrastructure.
The malware was first spotted in September 2021; the experts observed it targeting organizations in the technology and manufacturing industries. Initial access is typically through infected removable drives, often USB devices.
READ THE STORY: Security Affairs
Automate with Python (Video)
FROM THE MEDIA: Learn how to automate your life with Python! You will learn how to automate boring and repetitive tasks such as creating an Excel report, sending text messages, extracting tables from websites, interacting with websites, and more. You will learn how to use a few different Python libraries to help with automation such as Path, Selenium, XPath, and more.
Data Analysis with Python for Excel Users (Video)
FROM THE MEDIA: Learn how to use Python and Pandas for data analysis. This course will be especially helpful if you have experience with Excel, but that is not required. Learn how to create pivot tables, work with data, and make visualizations using Python, Pandas, and Jupyter Notebook.
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com