AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 10/08/2024

DOJ, Microsoft seize 107 domains used in Russia’s Star Blizzard phishing attacks 

The US Department of Justice and Microsoft have seized 107 websites used by Russian cyberspies in a phishing campaign to steal sensitive information from US government agencies, think tanks, and other victims. Court orders targeted domains belonging to Russia’s Callisto Group (aka Star Blizzard and Coldriver), a hacking unit of the Russian Federal Security Service (FSB) that has been attacking defense, intelligence, political orgs, and academia since at least 2017. “The Russian government ran this scheme to steal Americans’ sensitive information, using seemingly legitimate email accounts to trick victims into revealing account credentials,” US Deputy Attorney General Lisa Monaco said in a statement today announcing the FSB infrastructure disruption. 


Linux systems are being hit by a wide-ranging and dangerous new malware 

Linux systems are being targeted by a dangerous new malware that can serve as a loader, a proxy, and a cryptocurrency miner. Called Perfctl, the malware was recently spotted by cybersecurity researchers from Aqua Security, who claim it has been around since at least 2021, and has so far infected thousands of Linux endpoints. There are two main ways threat actors deploy Perfctl – either by exploiting thousands of possible misconfigurations, or by abusing a 10/10 vulnerability discovered last year. 


LEGO claims full recovery after hackers hijacked its website to promote crypto scam 

Hackers hijacked the LEGO website and put up a banner urging users to buy a fraudulent cryptocurrency associated with the toy manufacturer. When users clicked the banner, it directed them to a decentralized exchange where they could buy the scam tokens with Ethereum. LEGO responded quickly to remove the malicious links and banners. The toy manufacturer also assured users that no user accounts were compromised and that it had taken measures to prevent future incidents.


Neural data privacy an emerging issue as California signs protections into law 

Neurobiologist Rafael Yuste had what he calls his “Oppenheimer moment” a decade ago after he learned that he could take over the minds of mice by turning on certain neurons in their brains with a laser. While initially excited about how the discovery might help schizophrenics suffering hallucinations, Yuste’s euphoria dissipated once the breakthrough’s serious implications for humans — whose neural data could one day be manipulated in the same way — became clear to him. Neural data is already being harvested from humans — much of it from gamers and meditation practitioners — and sold to third parties, Yuste said in an interview. 


The 30-year-old internet backdoor law that came back to bite 

News broke this weekend that China-backed hackers have compromised the wiretap systems of several U.S. telecom and internet providers, likely in an effort to gather intelligence on Americans. The wiretap systems, as mandated under a 30-year-old U.S. federal law, are some of the most sensitive in a telecom or internet provider’s network, typically granting a select few employees nearly unfettered access to information about their customers, including their internet traffic and browsing histories.   
