AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 03/02/2022

New Chinese hacking tool found, spurring U.S. warning to allies

Security researchers with U.S. cybersecurity firm Symantec said they have discovered a “highly sophisticated” Chinese hacking tool that has been able to escape public attention for more than a decade. The discovery was shared in recent months with the U.S. government, which has shared the information with foreign partners, said a U.S. official. Symantec, a division of chipmaker Broadcom (AVGO.O), published its research about the tool, which it calls Daxin, on Monday. “It’s something we haven’t seen before,” said Clayton Romans, associate director with the U.S. Cybersecurity Infrastructure Security Agency (CISA). “This is the exact type of information we’re hoping to receive.”

 

Conti Ransomware Group Diaries, Part I: Evasion

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti, an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. The chat logs offer a fascinating glimpse into the challenges of running a sprawling criminal enterprise with more than 100 salaried employees. The records also provide insight into how Conti has dealt with its own internal breaches and attacks from private security firms and foreign governments.

 

As Russian tanks rolled into Ukraine, so did malware. Then Microsoft entered the war

Last Wednesday, a few hours before Russian tanks began rolling into Ukraine, alarms went off inside Microsoft’s Threat Intelligence Center, warning of a never-before-seen piece of “wiper” malware that appeared aimed at the country’s government ministries and financial institutions. Within three hours, Microsoft threw itself into the middle of a ground war in Europe — from 5,500 miles away. The threat center, north of Seattle, had been on high alert, and it quickly picked apart the malware, named it “FoxBlade” and notified Ukraine’s top cyberdefense authority. Within three hours, Microsoft’s virus detection systems had been updated to block the code, which erases — “wipes” — data on computers in a network.

 

Ukrainian cyber resistance group targets Russian power grid, railways

A Ukrainian cyber guerrilla warfare group plans to launch digital sabotage attacks against critical Russian infrastructure such as railways and the electricity grid, to strike back at Moscow over its invasion, a hacker team coordinator told Reuters. Officials from Ukraine’s defense ministry last week approached Ukrainian businessman and local cybersecurity expert Yegor Aushev to help organize a unit of hackers to defend against Russia, Reuters previously reported. On Monday, Aushev said he planned to organize hacking attacks that would disrupt any infrastructure that helps bring Russian troops and weapons to his country. “Everything that might stop war,” he told Reuters. “The goal is to make it impossible to bring these weapons to our country.”

 

President Biden wants to ban advertising targeted toward kids

In his first State of the Union address, President Biden has asked Congress to implement new laws to increase child safety on Facebook, TikTok and other social media platforms. “It’s time to strengthen privacy protections, ban targeted advertising to children, demand tech companies stop collecting personal data on our children,” he said on Tuesday evening. To get started on implementing those changes, the White House will specifically ask for funding to study the question of child safety on social media. Biden also plans to request $5 million in next year’s budget to research the mental health impact of social media, while launching a “national Center of Excellence on Social Media and Mental Illness.” The aim of that is to develop new guidance on the impact of adolescent social media use.
