Blog

Hacktivists Jumping Into Israel-Hamas Conflict With Cyber Attacks
An assortment of hacktivists are jumping into the Israel-Hamas conflict, and thus far most of the early cyber attacks have been limited to distributed denial of service (DDoS) attempts on public websites.

Lazarus Group Driving Increased Activity as Crypto Laundering Sets New Record at $7 Billion
A report on crypto laundering finds the total amount being washed via cross-chain transactions has made another massive jump of nearly $3 billion over the last year, now at $7 billion. North Korea’s Lazarus hacking group is the biggest single driver, with nearly a billion dollars of movement of stolen crypto to its name during this time.

Qakbot Malware Botnet Has Been Crippled, But Operators Continue Ransomware Attacks With Email Servers
An August action saw 52 servers seized along with a hoard of over $8 million in cryptocurrency. This was enough for the FBI to confidently declare that the Qakbot malware botnet was “permanently disabled,” but the operators are still spreading ransomware.

Ransomware Attack Costs MGM Over $100 Million, But Cyber Insurance Minimizes Real Impact
MGM expects a little over $100 million in total cost from the ransomware attack, but says that most or all of that will be covered by cyber insurance. The company also said that most of that financial damage came from loss of hotel bookings during the extended recovery period.

EU Cyber Resilience Act’s Requirement for Vulnerability Disclosure Within 24 Hours Rankles Open Source Advocates
EU’s Cyber Resilience Act’s vulnerability disclosure terms would require that the government be notified within 24 hours of discovery even if the vulnerability has not yet been patched or had solid mitigation measures developed for it.

Pegasus BLASTPASS Making Use of libwebp Security Vulnerability
NSO Group’s Pegasus spyware recently re-emerged with a new zero-click attack chain called BLASTPASS, and new CVE filings from Google indicate that the libwebp library used to display WEBP images has a security vulnerability that is a key part of the process.

Cisco Routers a New Primary Target for Chinese Hackers Using Custom Firmware
State-backed Chinese hackers are targeting older Cisco routers at less well-defended international branches of US and Japanese corporations. By first downgrading to an older firmware, they can then install their own custom firmware with a stealthy backdoor for long-term exfiltration of information.

Is the Price of Zero-Day Exploits Spiking? Exploit Broker Offers $20 Million for Mobile Exploits
A relatively new Russian outfit called “Operation Zero” has made major waves by offering up to $20 million for successful zero-day exploits, a price that would have previously been thought crazy.

Some Decentralized Crypto Companies Have Central Points of Failure, As Mixin Networks Demonstrates in $200 Million Hack
The Mixin theft is currently the largest to hit a crypto company in 2023 and the 10th largest of all time. Security researchers have noted that one of the addresses the stolen $200 million was exfiltrated to has been seen in a previous Lazarus attack.

Russian Crypto Exchanges Have Become a Vital Resource for North Korean Hackers
A report from Chainalysis finds that ties between North Korea’s state-backed APT groups and Russian cyber criminal cartels are deepening. Over the past two years, North Korean hackers have been finding refuge at illicit Russian crypto exchanges to move their funds back home.