Every week I publish a post containing the progress and learning that I did in the past week. I’m so far behind on podcasts at this point I’m not sure I’ll ever catch up! Also, I had meetings conflict with the scheduled webinars I wanted to attend, so I hope to have time to watch the replays later.
- No webinars this week.
- Discord discloses data breach after support agent got hacked – Discord is notifying users of a data breach that occurred after the account of a third-party support agent was compromised.
- Russian Ransomware Perp Charged After High-Profile Hive, Babuk & LockBit Hits – Russian national Mikhail Pavlovich Matveev has been charged by the US Department of Justice (DoJ) for launching ransomware attacks on critical organizations including law enforcement agencies, healthcare operations, and more.
- This Cybercrime Syndicate Pre-Infected Over 8.9 Million Android Phones Worldwide – A cybercrime enterprise known as Lemon Group is leveraging millions of pre-infected Android smartphones worldwide to carry out their malicious operations, posing significant supply chain risks.
- 18-year-old charged with hacking 60,000 DraftKings betting accounts – The Department of Justice revealed today that an 18-year-old man named Joseph Garrison from Wisconsin had been charged with hacking into the accounts of around 60,000 users of the DraftKings sports betting website in November 2022.
- Sunday Paper Debacle: Philadelphia Inquirer Scrambles to Respond to Cyberattack – It’s still unclear when systems for Pennsylvania’s largest media outlet will be fully restored, as employees were told to stay at home through Tuesday.
- Serious Unpatched Vulnerability Uncovered in Popular Belkin Wemo Smart Plugs – The second generation version of Belkin’s Wemo Mini Smart Plug has been found to contain a buffer overflow vulnerability that could be weaponized by a threat actor to inject arbitrary commands remotely.
- U.S. Offers $10 Million Bounty for Capture of Notorious Russian Ransomware Operator – A Russian national has been charged and indicted by the U.S. Department of Justice (DoJ) for launching ransomware attacks against “thousands of victims” in the country and across the world.
- ASUS routers knocked offline worldwide by bad security update – ASUS has apologized to its customers for a server-side security maintenance error that has caused a wide range of impacted router models to lose network connectivity.
- 3 Common Initial Attack Vectors Account for Most Ransomware Campaigns – The top initial vectors cited by Kaspersky match an earlier report by incident-response firm Google Mandiant, which found that the same common vectors made up the top three techniques — exploitation of vulnerabilities (32%), phishing (22%), and stolen credentials (14%) — but that ransomware actors tended to focus on exploitation and stolen credentials, which together accounted for nearly half (48%) of all ransomware cases.
- Luxottica confirms 2021 data breach after info of 70M leaks online – Luxottica has confirmed one of its partners suffered a data breach in 2021 that exposed the personal information of 70 million customers after a database was posted this month for free on hacking forums.
- KeePass Vulnerability Imperils Master Passwords – A newly discovered bug in the open source password manager, if exploited, lets attackers retrieve a target’s master password — and proof-of-concept code is available.
- No podcasts this week.
TryHackMe – SOC Level 1 – Snort Challenge – The Basics completed!