AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 03/07/2022

Ukraine to issue non-fungible tokens to fund armed forces

Ukraine has announced it will issue non-fungible tokens to fund its armed forces, as cryptocurrency becomes an increasingly popular means of giving support to the government in Kyiv. Mykhailo Fedorov, Ukraine’s vice-prime minister, said on Twitter on Thursday that the government would soon issue NFTs to help pay for its military. NFTs confer ownership of a unique digital item – with pieces of virtual art proving particularly popular – upon their buyer, even if that item can be easily copied. Ownership is recorded on a digital, decentralised ledger known as a blockchain. Fedorov did not give further details of the NFTs but said the government had cancelled earlier plans to reward cryptocurrency donors with an airdrop, a free digital token typically used by the crypto community to encourage participation in a project.


Malware is being geared to evade AI-based defenses

The latest Cyber Threat Landscape Report out this week from Deep Instinct reveals that bad actors are clearly investing in anti-AI and adversarial attack techniques and integrating these methods into their larger evasion strategy. It also highlights a change in the way attacks are carried out and says we are now witnessing some groups opting to inflict maximum impact over a shorter time span. These short duration attacks are carried out with the goal of damaging data (its confidentiality and availability), destabilizing a business, and impairing business continuity. This is in contrast to the earlier pattern of attackers looking to stay in a network for extended periods, stealing information, and avoiding detection from security solutions for as long as possible.


Healthcare Company Mon Health Discloses Second Data Breach

Monongalia Health System (Mon Health) this week started notifying patients, employees, and partners of a cyberattack that may have resulted in their data being stolen. The healthcare services provider discovered the incident on December 18, when some of its IT systems were disrupted, but learned of the potential data theft only a couple of weeks later. The attackers had access to the organization’s network between December 8 and December 19. The data breach may have resulted in patient information – alongside employee, provider, and contractor data – being stolen, but the attackers weren’t able to access the organization’s electronic health records systems.


Hacktivists, cybercriminals switch to Telegram after Russian invasion

Telegram messaging has taken a pivotal role in the ongoing conflict between Russia and Ukraine, as it is being massively used by hacktivists and cybercriminals alike. According to a report from cybersecurity company Check Point, the number of Telegram groups has increased sixfold since February 24 and some of them, dedicated to certain topics, have ballooned in size, in some cases counting more than 250,000 members. The group that stands out among those that lead the anti-Russia cyber-warfare operations is the “IT Army of Ukraine”, which currently counts 270,000 members. IT Army of Ukraine was formed by cyber-specialists in the country, and the results of its operation became evident quickly.


Hackers leak 190GB of alleged Samsung data, source code

The Lapsus$ data extortion group today leaked a huge collection of confidential data that it claims is from Samsung Electronics, the South Korean consumer electronics giant. The leak comes less than a week after Lapsus$ released a 20GB document archive from 1TB of data stolen from GPU designer Nvidia. In a note posted earlier today, the extortion gang teased the release of Samsung data with a snapshot of C/C++ directives in Samsung software. Shortly after teasing their followers, Lapsus$ published a description of the upcoming leak, saying that it contains “confidential Samsung source code” originating from a breach.


Volunteer hackers converge on Ukraine conflict with no one in charge

The hackers came from around the world. They knocked Russian and Ukrainian government websites offline, graffitied antiwar messages onto the homepages of Russian media outlets and leaked data from rival hacking operations. And they swarmed into chat rooms, awaiting new instructions and egging one another on. The war in Ukraine has provoked an onslaught of cyberattacks by apparent volunteers unlike any that security researchers have seen in previous conflicts, creating widespread disruption, confusion and chaos that researchers fear could provoke more serious attacks by nation-state hackers, escalate the war on the ground or harm civilians.


Microsoft fends off record-breaking 3.47Tbps DDoS attack

As Internet attacks go, data floods designed to knock servers offline are among the crudest, akin to a brutish caveman wielding a club to clobber his rival. Over the years, those clubs have grown ever larger. New data provided by Microsoft on Thursday shows there’s no end in sight to that growth. The company’s Azure DDoS Protection team said that in November, it fended off what industry experts say is likely the biggest distributed denial-of-service attack ever: a torrent of junk data with a throughput of 3.47 terabits per second. The record DDoS came from more than 10,000 sources located in at least 10 countries around the world. The DDoS targeted an unidentified Azure customer in Asia and lasted for about two minutes.