AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 02/10/2021

Microsoft to alert enterprise security teams when nation-state attackers target their employees

Microsoft will introduce this month a new security alert that will notify enterprise security teams when an employee is being targeted by suspected nation-state attackers. The notification will appear in the dashboard of Microsoft Defender for Office 365, a cloud-based email filtering service that protects enterprise Office 365 users against advanced and targeted threats (e.g., BEC, credential phishing, etc.), so that security teams may immediately start with remediation actions independently of the targeted user, who will also receive an email alert but might not see it or react to it with the required haste.


How to secure your Alexa device

Do you know if your Alexa device is always listening? Do you know if a hacker got into your device? Do you know what information your Echo is storing? It’s not just your computer or your smartphone that needs to be secured. Your Echo needs to be secured, too. There are a few steps you can take to enhance safety and protect your privacy when using Alexa devices. Choosing a strong password and using a pin for voice purchases are a few examples of security measures you can take.


Hacker Earns Largest Ever Crypto Bug Bounty via Immunefi

Immunefi, the premier bug bounty platform focused on smart contracts and blockchain, announced Wednesday that whitehat hacker Alexander Schlindwein (@bobface16) successfully submitted a critical bug via Immunefi that would have drained the entirety of underwriting funds from decentralized finance (DeFi) insurance project ArmorFi. Schlindwein delivered the submission a mere 24 hours after ArmorFi offered 1m in mostly vested Armor tokens (current market value $1.5m USD) to anyone who could find a critical exploit in its smart contract code. In the initial announcement of the bounty, ArmorFi CTO Robert Forster offered to get a tattoo of the name or handle of any hacker who found a critical bug.


Domestic Kitten hacking group strikes local citizens considered a threat to Iranian regime

Domestic Kitten, also tracked as APT-C-50, is an advanced persistent threat (APT) group. First discovered in 2018, the APT has ties to the Iranian government and has been linked to attacks against domestic citizens “that could pose a threat to the stability of the Iranian regime,” according to Check Point. Target individuals could include regime dissidents, civil rights activists, journalists, and lawyers.  In a blog post on Monday, the Check Point research team said Domestic Kitten has been conducting widespread surveillance for the past four years, launching at least 10 separate campaigns and maintaining a target list of 1,200 individuals, at a minimum. At present, four active campaigns have been recorded, the most recent of which appears to have begun in November and is ongoing. Domestic Kitten victims are located across the world including in countries such as Iran, the US, Pakistan, and Turkey.


Cyberpunk 2077 developer CD Projekt hit by ransomware attack, reveals hackers’ threats

Cyberpunk 2077 studio CD Projekt Red revealed on Tuesday that its network was hacked, and shared a ransom note left by the hackers on Twitter. The attackers claimed to have got hold of source code for Cyberpunk, The Witcher 3, an “unreleased version of Witcher 3” and spinoff card game Gwent. The hackers threatened to release the games’ source code, along with documents from the Polish game studio’s accounting, legal and other departments if they don’t “come to an agreement.” CD Projekt doesn’t think any personal data of players or users of its services has been compromised, and said it won’t give in to the hackers’ demands or negotiate with them.


Dark web analysis shows high demand for hackers

Positive Technologies’ experts have analyzed the ten most active forums on the dark web, which offer services for hacking websites, buying and selling databases, and accessing web resources.  The research found that in the vast majority of cases on these forums, most individuals are looking for a hacker, and in 7 out of 10 ads, their main goal is to gain access to a web resource. The research discovered that in 90% of cases, users of dark web forums will search for hackers who can provide them with access to a particular resource or who can download a user database. Only seven percent of forum messages analyzed included individuals offering to hack websites. The remaining three percent of the messages analysed were aimed at promoting hacking tools, programs and finding like-minded people to share hacking experience.

Related Posts