Cyber ​​Security Headlines: Pakistan investigates nationwide blackout, FBI identifies Horizon Bridge hackers, GoTo hack bigger than first reported

Cyber ​​Security Headlines: Pakistan investigates nationwide blackout, FBI identifies Horizon Bridge hackers, GoTo hack bigger than first reported

Pakistani authorities are investigating whether cyber attacks caused the nationwide blackout

On Tuesday, Pakistan’s energy minister, Khurram Dastgir Khan, said there was a “remote chance” that Monday’s nationwide blackout, which left millions without power, was caused by hackers. While cyber attacks on power grids are relatively rare, blackouts have recently become common in Pakistan, due to an ongoing economic crisis and last year’s devastating floods. Khan said power across Pakistan was “fully restored” within 24 hours and that the cause of the blackout was still being investigated.

(The record)

FBI identifies hackers behind Horizon Bridge crypto theft

The Federal Bureau of Investigation (FBI) confirmed on Monday that the North Korea-backed Lazarus Group and APT38 were responsible for the theft of $100 million worth of crypto from the Harmony Horizon Bridge back in June. The attack leveraged a campaign called TraderTraitor that socially engineered crypto company employees to download rogue applications. The FBI says that just two weeks ago, threat actors laundered over $60 million worth of ethereum (ETH) stolen during the June 2022 heist. A portion of the stolen funds have been frozen in cooperation with virtual asset providers.

See also  Citizen Sleeper made finding community fun

(The Hacker News)

GoTo says hackers stole encrypted backups and MFA settings

GoTo CEO Paddy Srinivasan confirmed that the security breach last August that affected the LastPass affiliate had a much wider impact than originally reported. The hack resulted in the theft of account usernames, salted and hashed passwords, product settings and license information. In addition, encrypted backups were exfiltrated from a third-party cloud storage service along with the encryption key for a portion of the backups. Stolen backups affected Central, Pro, join.me, Hamachi and RemotelyAnywhere products. Additionally, a small number of Rescue and GoToMyPC customers had their MFA settings compromised. GoTo says it is resetting passwords and MFA settings for affected users. The company is also migrating accounts to a more secure Identity Management Platform.

(Security Week)

Riot Games refuses to pay ransom for stolen source code

Riot Games said on Tuesday it received a ransom email after last week’s cyber attack, but indicated it is refusing to pay. The video game developer said the source code for League of Legends and Teamfight Tactics games was exfiltrated during the attacks, but no player or personal data was compromised. The company expressed concern that the hack could lead to new game cheats appearing, but says it is prepared to quickly deploy fixes if that happens.

(The record)

And now a word from our sponsor, SafeBase

Start the journey towards long-term customer trust with SafeBase. Our Smart Trust Center helps your organization build customer trust through improved transparency, secure document sharing, process control and insight, and proactive communication. Security and GRC leaders at companies like Jamf, Instacart and Snyk all rely on SafeBase as a central enabler for their trust program. Learn more and check out the case studies at SafeBase.com

Zero Trust will not mitigate over half of the attacks

According to a new report from Gartner, only one in 10 large enterprises will have a “mature and measurable” zero trust program in place by 2026. Gartner warned that over the next three years, more than half of all cyber attacks will be focused on areas such as zero trust controls does not reduce. Gartner cited API attacks, social engineering, and exploitation of other employee-created control bypasses as examples of areas not protected by ZTAs. Despite this, Gartner says ZTA still reduces risk and limits the impact of many threats.

See also  Des pirates ont pénétré dans la communauté virtuelle des animaux de compagnie de Neopet

(Infosecurity Magazine)

Microsoft Office to block XLL extensions

Microsoft is getting ready to improve the protection of Office users by automatically blocking XLL extensions in Excel files. XLL add-ons are dynamic link library (DLL) files written in C or C++, and can only be opened in Excel. In recent years, threat actors have misused these files to distribute malware, usually via phishing campaigns. Currently, the feature is only in development, with worldwide rollout set for March 2023.

(Security Week)

DragonSpark uses Go-based tools to avoid detection

SentinelLabs has discovered a hacker group, called ‘DragonSpark’, exploiting a stealthy and little-known open source tool called SparkRAT to steal sensitive data from compromised systems. SparkRAT is a Golang-based open source tool that can run on Windows, macOS and Linux, to enable remote access. The Go script uses a payload called ‘Metepreter’, which avoids static analysis by allowing code to run without first compiling it. The threat actors use the tool to exploit vulnerable MySQL database servers in China, Taiwan and Singapore and then launch additional attacks. All the open source tools used by DragonSpark were developed by Chinese authors.

(Blueing computer)

Live Nation blames bot attacks for Taylor Swift fiasco

Back in November, Ticketmaster systems were crippled as hordes of Taylor Swift fans attempted to purchase tickets for the singer’s upcoming US tour. On Tuesday, Live Nation’s CFO told the Senate Judiciary Committee that Ticketmaster’s services were affected by triple the amount of bot traffic they had ever experienced before. In addition, the company’s “Verified Fan access code servers” were targeted. The statement comes amid speculation that the federal government may take antitrust action against the company. We’ll see if Live Nation can shake it off.

See also  Mauvaise teinte de fond de teint ? Utilisez ce hack de maquillage TikTok pour changer comme par magie votre teinte pour une correspondance parfaite


You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *