
IT Security Newsletter - 6/22/2022


Breaches

Okta says Lapsus$ incident was actually a brilliant zero trust demonstration

Okta has completed its analysis of the March 2022 incident that saw the Lapsus$ extortion crew get a glimpse at some customer information, and concluded that its implementation of zero trust techniques foiled the attack. So said Brett Winterford, Asia-Pacific and Japan chief security officer of the identity-management-as-a-service vendor, at the Gartner Risk and Security Summit in Sydney today. READ MORE...

Hacking

Russian govt hackers hit Ukraine with Cobalt Strike, CredoMap malware

The Ukrainian Computer Emergency Response Team (CERT) is warning that Russian hacking groups are exploiting the Follina code execution vulnerability in new phishing campaigns to install the CredoMap malware and Cobalt Strike beacons. The APT28 hacking group is believed to be sending emails containing a malicious document named "Nuclear Terrorism A Very Real Threat.rtf". The threat actors selected the topic of this email to entice recipients to open it. READ MORE...


Israeli military personnel spied on via Strava fitness-tracking app

The Strava fitness-tracking app is being used to spy upon members of the Israeli military, tracking their movements at secret bases across the country and potentially even helping to observe their activities when they travel overseas. That's the finding of FakeReporter, an Israeli open-source intelligence operation, which says the surveillance campaign it identified was used to gather data on at least 100 individuals who exercised at six secret military bases. READ MORE...

Malware

Meet the Administrators of the RSOCKS Proxy Botnet

Authorities in the United States, Germany, the Netherlands and the U.K. last week said they dismantled the "RSOCKS" botnet, a collection of millions of hacked devices that were sold as "proxies" to cybercriminals looking for ways to route their malicious traffic through someone else's computer. While the coordinated action did not name the Russian hackers allegedly behind RSOCKS, KrebsOnSecurity has identified its owner as a 35-year-old Russian man living abroad. READ MORE...

Information Security

Capital One identity theft hacker finally gets convicted

Remember the Capital One breach? We did, though we felt sure it had happened a long time ago. Indeed, when we checked, it had: the story first broke almost three years ago, back in July 2019. At the time, the company reported: Capital One Financial Corporation announced […] that on July 19, 2019, it determined there was unauthorized access by an outside individual who obtained certain types of personal information relating to people who had applied for its credit card products. READ MORE...

Exploits/Vulnerabilities

Mega says it can't decrypt your files. New POC exploit shows otherwise

In the decade since larger-than-life character Kim Dotcom founded Mega, the cloud storage service has amassed 250 million registered users and stores a whopping 120 billion files that take up more than 1,000 petabytes of storage. A key selling point that has helped fuel the growth is an extraordinary promise that no top-tier Mega competitors make: Not even Mega can decrypt the data it stores. READ MORE...


DFSCoerce, a new NTLM relay attack, can take control over a Windows domain

A researcher has published a Proof-of-Concept (PoC) for an NTLM relay attack dubbed DFSCoerce. The method leverages the Distributed File System: Namespace Management Protocol (MS-DFSNM) to seize control of a Windows domain. A directory service is a hierarchical arrangement of objects which is structured in a way that makes access easy. Windows Active Directory (AD) is a directory service provided by Microsoft and developed for Windows domains. READ MORE...

Science & Culture

Gamification of Ethical Hacking and Hacking Esports

While ethical hacking is by no means a new or groundbreaking practice, the scale at which organizations and individuals are undertaking such initiatives continues to intensify, especially considering recent events such as the log4j vulnerability. Traditionally, ethical hacking is undertaken by organizations who are looking to uncover security gaps which exist within their corporate network and on company devices. READ MORE...

On This Date

  • ...in 1940, France formally surrenders to Germany, following a nearly two-month invasion by the Axis powers.
  • ...in 1942, Congress officially recognizes the Pledge of Allegiance.
  • ...in 1969, the Cuyahoga River catches fire near Cleveland, OH, drawing national attention to the problem of water pollution.
  • ...in 1978, astronomer James W. Christy discovers Charon, the largest moon of Pluto.