
IT Security Newsletter - 12/8/2023


Top News

UK and US expose Russian hacking plot intended to influence UK's 2019 elections and spread disinformation

Two men have been charged with hacking into computer networks in the United States, UK, other NATO countries, and Ukraine, on behalf of the Russian government. The men have been named by the US Department of Justice as Ruslan Aleksandrovich Peretyatko and Andrey Stanislavovich Korinets. The men, alongside other conspirators who as yet have not been charged, are alleged to have launched sophisticated spear-phishing campaigns to hack into victims' computers and email accounts. READ MORE...

Hacking

Russia's 'Star Blizzard' APT Upgrades its Stealth, Only to Be Unmasked Again

After multiple exposures and disruptions, a Kremlin-sponsored advanced persistent threat (APT) actor has once again upgraded its evasion techniques. However, that move was also exposed this week, by Microsoft. "Star Blizzard" (aka Seaborgium, BlueCharlie, Callisto Group, and Coldriver) has been carrying out email credential theft in service of cyberespionage and cyber influence campaigns since at least 2017. READ MORE...


Russian military hackers target NATO fast reaction corps

Russian APT28 military hackers used Microsoft Outlook zero-day exploits to target multiple European NATO member countries, including a NATO Rapid Deployable Corps. Researchers from Palo Alto Networks' Unit 42 have observed them exploiting the CVE-2023-23397 vulnerability over roughly 20 months in three campaigns against at least 30 organizations across 14 nations deemed of probable strategic intelligence significance to Russia's military and government. READ MORE...

Software Updates

December 2023 Patch Tuesday forecast: 'Tis the season for vigilance

The final Patch Tuesday of the year is almost upon us! This is the time of year when we want to relax and enjoy the holidays, but we need to be extra vigilant to detect and respond to suspicious activity. Many in the retail industry have placed our systems in 'lockdown' since before Thanksgiving to ensure we don't interrupt ongoing sales. They won't be able to update them until after the holidays, but that doesn't mean they can't respond to threats. READ MORE...

Malware

BlackSuit ransomware - what you need to know

A cybercriminal group calling itself BlackSuit has claimed responsibility for a series of ransomware attacks, including breaches at schools in central Georgia. And earlier in the year, a zoo in Tampa Bay was targeted by the same hacking gang. Meanwhile, liberal arts college DePauw University in Indiana says that it was recently targeted, and a "limited amount of data on specific individuals was accessed." 214GB of stolen data has since been made available for download on BlackSuit's extortion site on the dark web. READ MORE...

Information Security

Russian information operation uses US celebrity Cameos to attack Zelensky

On Aug. 17, Russian news outlet RIA Novosti published a story carrying an urgent message from the American actor John McGinley to Ukrainian President Volodymyr Zelensky. McGinley's video message, it turns out, was part of an apparent Russian influence operation documented in a Microsoft report released Thursday. It was one of roughly a half dozen such videos in which Western celebrities sent personal messages to "Vladimir" via Cameo, a website where users can pay for personalized messages from celebrities. READ MORE...

Exploits/Vulnerabilities

New 5Ghoul attack impacts 5G phones with Qualcomm, MediaTek chips

A new set of vulnerabilities in 5G modems by Qualcomm and MediaTek, collectively called "5Ghoul," impacts 710 5G smartphone models from Google partners (Android) and Apple, routers, and USB modems. 5Ghoul was discovered by university researchers from Singapore and consists of 14 vulnerabilities in mobile communication systems, 10 of which have been publicly disclosed and four withheld for security reasons. READ MORE...


Progress Software discloses 2 new CVEs in MOVEit

Progress Software disclosed two new high-severity vulnerabilities in the beleaguered MOVEit file-transfer service last week. A privilege escalation path vulnerability, CVE-2023-6218, and a cross-site scripting vulnerability, CVE-2023-6217, were disclosed and patched Nov. 29. The additional set of vulnerabilities brings the total number of CVEs in MOVEit to eight since a zero-day vulnerability, CVE-2023-34362, was widely exploited in late May. READ MORE...


Android, Linux, Apple Devices Exposed to Bluetooth Keystroke Injection Attacks

An authentication bypass flaw in the Bluetooth protocol allows attackers to connect to vulnerable devices and inject keystrokes. The issue, tracked as CVE-2023-45866, enables attackers within Bluetooth range to connect to discoverable hosts without user confirmation, warns software engineer Marc Newlin, who found the bug. The attack can be mounted using a Linux machine and a normal Bluetooth adapter. READ MORE...

On This Date

  • ...in 1894, cartoonist E.C. Segar, best known as the creator of Popeye the Sailor, is born in Santa Monica, CA.
  • ...in 2010, SpaceX becomes the first private aerospace company to successfully launch, orbit, and recover a spacecraft.
  • ...in 2013, heavy metal group Metallica perform a concert in Antarctica, becoming the first band to play on all seven continents.
  • ...in 1861, French filmmaker and early special-effects pioneer Georges Melies ("A Trip to the Moon") is born in Paris.