Threat Researchers Live Episode 19
Join us live this Thursday, March 31st at 4pm Paris, 10am New York, 7am Los Angeles, 11pm Tokyo.
Agenda:
Is DDoS a Grime?
Russian/Ukrainian cyber conflict
Organized crime events
DDoS Botnets and attack vectors
OpIsrael update
References
Pre-Invasion Cyber Attacks
https://www.microsoft.com/security/blog/2022/01/15/destructive-malware-targeting-ukrainian-organizations/
https://netblocks.org/reports/ukraine-banking-and-defence-platforms-knocked-out-russia-conflict-JBQX7mAo
https://arstechnica.com/information-technology/2022/02/torrents-of-malicious-junk-traffic-make-ukrainian-websites-unreachable/
Pre-Invasion Information Warfare
https://cyberpolice.gov.ua/news/kiberpolicziya-vstanovlyuye-osib-prychetnyx-do-rozsylannya-sms-povidomlen-shhodo-zboyiv-u-roboti-bankomativ-7072/
US/UK Attribution
https://www.cyberscoop.com/ukraine-ddos-russia-attribution-white-house-neuberger/
https://www.gov.uk/government/news/uk-assess-russian-involvement-in-cyber-attacks-on-ukraine
https://twitter.com/WHNSC/status/1494796573959725057
GRU and Their Mirai Botnet?
https://www.nrc.nl/nieuws/2022/02/22/cyberaanvallen-op-oekraine-aangestuurd-via-nederland-a4093039
https://twitter.com/360Netlab/status/1493797519725367302
https://twitter.com/bad_packets/status/1493872304987664384
Proxies of Cyber Warfare
https://www.cadosecurity.com/technical-analysis-of-the-ddos-attacks-against-ukrainian-websites/
Escalation in DDoS Attacks
https://twitter.com/DougMadory/status/1496961857638309893
https://twitter.com/DougMadory/status/1496598152706772993
https://twitter.com/360Netlab/status/1497033695341031432
Decline in Network Connectivity in Ukraine
https://twitter.com/netblocks/status/1496760032050003969
Foreign Cyber Legion - IT ARMY of Ukraine
https://t.me/itarmyofukraine2022
https://twitter.com/FedorovMykhailo/status/1497642156076511233
Pro Ukraine Bounty Programs
https://therecord.media/this-ukrainian-cyber-firm-is-offering-hackers-bounties-for-taking-down-russian-sites/
https://twitter.com/Yegor_au/status/1497880962990059522
Russian Vigilante Hackers
https://www.bbc.com/news/technology-60528594
Foreign Cyber Legion - KillNet
https://ria.ru/20220322/kibervoyska-1779400881.html
https://hackerjournal.it/9234/attacco-in-corso-verso-la-banca-nazionale-polacca-npb/
Play for Ukraine
https://www.fastcompany.com/90732766/ddos-play-for-ukraine-russian-cyberattack
https://twitter.com/playforukraine1/status/1504110451952652292?s=20&t=OGO_9fJKuLRhCYlGSwMNnQ
https://twitter.com/playforukraine1/status/1501136722897379332?s=20&t=xmShzE_-VnSpmqJEy9zbYQ
Open Source maintainer pulls npm packages colors and faker
https://snyk.io/blog/open-source-npm-packages-colors-faker/
https://web.archive.org/web/20210628030444/https://marak.com/blog/2021-04-25-monetizing-open-source-is-problematic
Node-ipc package maintainer protests against the war
https://snyk.io/blog/peacenotwar-malicious-npm-node-ipc-package-vulnerability/
https://www.csoonline.com/article/3654298/developer-sabotages-own-npm-module-prompting-open-source-supply-chain-security-questions.html
Conti Leaks
https://twitter.com/ddd1ms/status/1498070988734570500
https://www.cnn.com/2022/03/30/politics/ukraine-hack-russian-ransomware-gang/index.html
https://therecord.media/conti-leaks-the-panama-papers-of-ransomware/
LAPSUS$
https://www.bloomberg.com/news/articles/2022-03-23/teen-suspected-by-cyber-researchers-of-being-lapsus-mastermind
https://www.theregister.com/2022/03/24/police_lapsus_arrests/
https://www.theregister.com/2022/03/30/lapsus_return_okta_fallout/
Cyclops Blink
https://www.trendmicro.com/en_us/research/22/c/cyclops-blink-sets-sights-on-asus-routers--.html
https://therecord.media/us-and-uk-expose-new-russian-malware-targeting-network-devices/
https://www.cisa.gov/uscert/ncas/alerts/aa22-054a
https://www.ncsc.gov.uk/files/Cyclops-Blink-Malware-Analysis-Report.pdf
https://www.zdnet.com/article/hackers-breach-fsb-contractor-and-leak-details-about-iot-hacking-project/
DanaBot attacks Ukrainian Ministry of Defense
https://www.zscaler.com/blogs/security-research/danabot-launches-ddos-attack-against-ukrainian-ministry-defense
TP240PhoneHome
https://nvd.nist.gov/vuln/detail/CVE-2022-26143
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-22-0001
Is DDoS a Grime?
https://www.youtube.com/watch?v=dv5UUH4cZeU&t=139s
Spring4Shell
https://www.rapid7.com/blog/post/2022/03/30/spring4shell-zero-day-vulnerability-in-spring-framework/
https://isc.sans.edu/diary/Java+Springtime+Confusion%3A+What+Vulnerability+are+We+Talking+About/28500