Lifeboat Foundation

Inoculation is simple: MFA, regular timely patching.

FBI blames intrusions on improperly configured SonarQube source code management tools.

The newly discovered malware uses GitHub and Pastebin to house component code, and harbors 12 different initial attack vectors.

Ryu kidding?

Earlier this week it emerged that third-party giant Capcom’s internal systems had been hacked, though the company claimed that no customer data was affected. It has now emerged that the publisher was targeted by the Ragnar Locker ransomware, software designed to exfiltrate information from internal networks before encrypting the lot: at which point the victim is locked-out, contacted, and extorted.

Bleeping Computer broke the story, and managed to access the Ragnar Locker sample (a ‘proof’ provided to the victim by the hackers), which contains the ransom note allegedly delivered to Capcom. It reads as follows.

Continue reading “Capcom hit by ransomware attack, is reportedly being extorted for $11 million” »

The zero-day appears to have been bought off a black-market website for $3,000.

This marks the first time a major Windows ransomware strain has been ported to Linux to aid hackers in their targeted intrusions.

Japanese game developer Capcom—creator of classic worldwide hits like Street Fighter, and Resident Evil —has been hit with a ransomware attack to its internal networks, compromising a mass of corporate intel on the company’s internal operations.

On Oct. 15, 2020, a federal grand jury in Pittsburgh returned an indictment charging six computer hackers, all of whom were residents and nationals of the Russian Federation (Russia) and officers in Unit 74455 of the Russian Main Intelligence Directorate (GRU), a military intelligence agency of the General Staff of the Armed Forces.

These GRU hackers and their co-conspirators engaged in computer intrusions and attacks intended to support Russian government efforts to undermine, retaliate against, or otherwise destabilize: (1) Ukraine; (2) Georgia; (3) elections in France; (4) efforts to hold Russia accountable for its use of a weapons-grade nerve agent, Novichok, on foreign soil; and (5) the 2018 PyeongChang Winter Olympic Games after Russian athletes were banned from participating under their nation’s flag, as a consequence of Russian government-sponsored doping effort.

Their computer attacks used some of the world’s most destructive malware to date, including: KillDisk and Industroyer, which each caused blackouts in Ukraine; NotPetya, which caused nearly $1 billion in losses to the three victims identified in the indictment alone; and Olympic Destroyer, which disrupted thousands of computers used to support the 2018 PyeongChang Winter Olympics. The indictment charges the defendants with conspiracy, computer hacking, wire fraud, aggravated identity theft, and false registration of a domain name.

Continue reading “Six Russian GRU Officers Charged in Connection with Worldwide Deployment of Destructive Malware and Other Disruptive Actions in Cyberspace” »

In the last few years, countless cyber-attacks were reported globally that were linked to the People’s Republic of China. The Chinese cyber-hackers, who target the foreign networks and websites are sponsored by the Chinese government. They are highly trained and have acquired abilities not only to exploit common vulnerabilities but also to discover and even create new vulnerabilities.

The US National Security Agency’s in-depth report of 23rd October points out that one of the greatest threats to the US National Security Systems, Defence Industrial Base and Department of Defence information networks is the “Chinese state sponsored malicious cyber activity”. The report underlines that the Chinese hackers exploit “computer networks of interest that hold sensitive intellectual property, economic, political, and military information.”

In July 2020, US had ordered the closure of the Chinese consulate in Huston, when it discovered that the Chinese officials there were involved in the intellectual property theft and indicted two Chinese nationals for allegedly hacking hundreds of companies and crucially had attempted to steal coronavirus vaccine research. The United States Department of Justice has charged five Chinese national for their involvement in hacking targets not only in the US governments but also the networks of the Indian and Vietnam government. They also carried out attacks on the UK government network unsuccessfully.

Continue reading “Dragon’s cyber hacking operations: State sponsored game-plan” »