Szele Tamás: China and OSINT research
Let us not forget: any lock made by one person can be opened by another. What matters is who that other person is, and how resourceful they are.
This is not truth; it is simple, fairground, injection-moulded plastic junk, imitation information. A parade of clichés, nothing more.
Ukrainian hacktivist team Cyber Resistance hacked the email of Lieutenant Colonel Sergey Alexandrovich Morgachev, an officer of the Russian Main Intelligence Directorate of the General Staff of the Russian Army (GRU), leader of the Russian hacker group APT 28, consisting of officers of the 85th Main Special Service Center of
A Russian hacking group tracked as TA473, aka 'Winter Vivern,' has been actively exploiting vulnerabilities in unpatched Zimbra endpoints since February 2023 to steal the emails of NATO officials, governments, military personnel, and diplomats. Two weeks ago, Sentinel Labs reported on a recent operation by 'Winter Vivern
Hackers may have compromised the networks of thousands of businesses due to a supply-chain attack on the enterprise phone company 3CX, which confirmed on Thursday its desktop app had been bundled with malware. 3CX provides office phone systems to more than 12 million daily users at over 600,000 companies,
A whistleblower has provided several media organizations with access to leaked documents from a Russian IT firm named NTC Vulkan (Russian: НТЦ Вулкан) that allegedly show how the firm supports Russia's military and intelligence agencies with cyber warfare tools. Journalists from Der Spiegel and Munich-based investigative group Paper
Intezer researchers uncovered a cyberespionage campaign targeting the Chinese nuclear energy sector, they linked it to the Bitter APT group. The Bitter APT group is a South Asian cyberespionage group active since at least 2021. The group focuses on energy and government sectors, in the past, the group targeted organizations
We still live in a world where talent is evidently so limited that we know our adversaries up close.
Microsoft shared guidance for investigating attacks using critical CVE-2023-23397 vulnerability in Outlook. Tracked as CVE-2023-23397 (CVSS score: 9.8), the critical flaw relates to a case of privilege escalation that could be exploited to steal NT Lan Manager (NTLM) hashes and stage a relay attack without requiring any user interaction.
At the time of the Pegasus scandal (although NSO's hands were also tied by state bans), the question was seriously raised: why did Russia not use the spyware as well? The only possible answer was that it already had its own.
Cybersecurity researchers said this week that they have observed the pro-Russia hacking group known as Killnet increasingly launch distributed denial of service (DDoS) attacks targeting healthcare organizations since November. Killnet was established following Russia’s invasion of Ukraine in February 2022, and spent most of the last year launching DDoS
A new threat actor named 'YoroTrooper' has been running cyber-espionage campaigns since at least June 2022, targeting government and energy organizations in Commonwealth of Independent States (CIS) countries. According to Cisco Talos, the threat actor has compromised accounts of a critical European Union agency engaged in healthcare, the
Russia-linked APT29 (aka SVR group, Cozy Bear, Nobelium, and The Dukes) was spotted abusing the legitimate information exchange systems used by European countries in attacks aimed at governments. In early March, BlackBerry researchers uncovered a new cyber espionage campaign aimed at EU countries. The hackers targeted diplomatic entities and systems
Threat Actors Exploiting Silicon Valley Bank (SVB) Collapse Scenario To Launch Cyber-Attacks Following a bank run on its deposits, Silicon Valley Bank (SVB) experienced a failure on March 10, 2023, and has garnered significant media attention. As SVB has traditionally been the preferred banking partner for many startups worldwide, its
TikTok's data collection maps out interests and behavioural habits and builds a profile from them, that is, from what is most intimate in a community.
Western countries don't appear to have an answer or robust knowledge about the operators behind Ghostwriter (aka UNC1151), a threat actor that has been engaged in a mixture of hack-and-leak and dis/misinformation campaigns over the past half-decade, a report [PDF] from Cardiff University has concluded. The group,