AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 01/12/2023

The FBI Won’t Say Whether It Hacked Dark Web ISIS Site 

U.S. government lawyers are hampering efforts that could reveal how the FBI managed to obtain the real IP address of an alleged visitor to an ISIS website on the dark web, according to court records reviewed by Motherboard. The case involves Muhammed Momtaz Al-Azhari, who was charged in May 2020 with attempting to provide material support to ISIS. According to the complaint against him, Al-Azhari allegedly visited a dark web site that hosts “unofficial propaganda and photographs related to ISIS” multiple times on May 14, 2019. By virtue of being a dark web site—that is, one hosted on the Tor anonymity network—it should have been difficult for the site owner or a third party to determine the real IP address of any of the site’s visitors.


Trojan Puzzle attack trains AI assistants into suggesting malicious code 

Researchers from the universities of California and Virginia and from Microsoft have devised a new poisoning attack that could trick AI-based coding assistants into suggesting dangerous code. Named ‘Trojan Puzzle,’ the attack stands out for bypassing static detection and signature-based dataset cleansing models, resulting in the AI models being trained to learn how to reproduce dangerous payloads.


Royal Mail export services disrupted after ‘cyber incident’ 

Britain’s Royal Mail is facing severe disruption to its international export services following what it described as “a cyber incident”. “We are temporarily unable to dispatch items to overseas destinations,” Royal Mail, one of the world’s largest post and parcel firms, said in a service update on its website. It advised customers to temporarily hold any export mail items while it works to resolve the issue. The company says thousands of businesses use it to export around the world. 


Twitter Denies Hacking Claims, Assures Leaked User Data Not from its System 

Twitter on Wednesday said that its investigation found “no evidence” that users’ data sold online was obtained by exploiting any security vulnerabilities in its systems. “Based on information and intel analyzed to investigate the issue, there is no evidence that the data being sold online was obtained by exploiting a vulnerability of Twitter systems,” the company said in a statement. “The data is likely a collection of data already publicly available online through different sources.” The disclosure comes in the wake of multiple reports that Twitter data belonging to millions of users – 5.4 million in November 2022, 400 million in December 2022, and 200 million last week – have been made available for sale on online criminal forums. 


DDoS Attacks Hit Denmark Central Bank and 7 Private Banks 

The official websites of Denmark’s central bank and seven other private banks in the country were hit by a series of massive DDoS attacks on Tuesday, January 10th, 2022. The attacks caused them to be inaccessible to users, according to the central bank. Along with the websites of the central bank, Bankdata—a company that develops IT solutions for the financial industry—was also targeted by a DDoS attack. A DDoS attack, or Distributed Denial of Service attack, is a malicious cyberattack used to disrupt the availability of a service to its intended users. It’s an attack that attempts to make an online service unavailable by flooding it with an overwhelming amount of traffic from multiple sources.


LastPass breach exposes how US breach notification laws can leave consumers in the lurch 

On Thursday, Dec. 22, as Americans prepared for the holidays and braced for massive winter storms, the password manager LastPass announced to its 33 million customers that it suffered a major security breach. But even those paying attention to emails or tech news may not have grasped the full scope of the breach, which exposed encrypted password vaults and put millions of individuals and organizations at risk of having their most sensitive data exposed to criminal hackers. Based on the public notification from LastPass, the potential implications of the incident were anything but clear.
