AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 5/7/2024

RSA Conference 2024: What to expect

Artificial intelligence will dominate this week’s RSA Conference 2024 with nearly a dozen keynotes and even more technical sessions dedicated to how the technology is reshaping the industry and fueling innovation. Keynote headliners, such as Secretary of State Antony J. Blinken, are expected to broaden the discussion to include the U.S. government’s efforts to infuse cybersecurity innovation into emerging technologies such as AI, quantum computing and biotechnology. This year’s theme is “The Art of Possible,” a topic to be unpacked by Hugh Thompson, executive chairman, RSAC, at his opening keynote “The Power of Community” on Monday. RSAC is about community problem solving, Thompson said in a recent post.


North Korean Hackers Spoofing Journalist Emails to Spy on Policy Experts

North Korean threat actors are exploiting weak email policies to spoof legitimate domains during espionage phishing campaigns, a new US government advisory has warned. The FBI, the US Department of State and the National Security Agency (NSA) said North Korea-linked Kimsuky group is exploiting poorly configured DNS Domain-based Message Authentication, Reporting and Conformance (DMARC) protocols to pose as legitimate journalists, academics or other experts in East Asian affairs with credible links to North Korean policy circles.


Germany and allies accuse Russia of sweeping cyberattacks

Germany accused Russia on Friday of launching cyberattacks on its defence and aerospace firms and ruling party, as well as targets in other countries, and warned there would be unspecified consequences. Russia’s embassy in Berlin dismissed the accusations – that were echoed by the Czech Republic, the NATO defence alliance and the U.S. State Department – calling them “another unfriendly step aimed at inciting anti-Russian sentiments in Germany”.  NATO said the campaign had also targeted government bodies, “critical infrastructure operators” and other entities in Lithuania, Poland, Slovakia and Sweden. The accusations come at a time of heightened anxiety in Europe over suspected Russian hackers and spies since Moscow’s invasion of Ukraine in 2022, and in the run-up to European elections.


Lockbit’s seized site comes alive to tease new police announcements

The NCA, FBI, and Europol have revived a seized LockBit ransomware data leak site to hint at new information being revealed by law enforcement this Tuesday. On February 19, a law enforcement operation called Operation Cronos took down LockBit’s infrastructure, including 34 servers hosting the data leak website and its mirrors, data stolen from the victims, cryptocurrency addresses, 1,000 decryption keys, and the affiliate panel.


MoD data breach: UK armed forces’ personal details accessed in hack

The personal information of an unknown number of serving UK military personnel has been accessed in a significant data breach, the BBC understands. The hack targeted a payroll system used by the Ministry of Defence, which includes names and bank details of both current and some past armed forces members. In a very small number of cases, the data may include personal addresses. It is unknown who is behind the hack or what the data may be used for. The data, described as “personal HMRC-style information”, relates to current and former members of the Royal Navy, Army and Air Force over a period of several years. The system was managed by an external contractor and no operational MoD data has been obtained.

Related Posts