#infosec

psychmesu@diaspora.glasswings.com

https://infosec.exchange/@screaminggoat/113390900486824005 screaminggoat@infosec.exchange - Operation Magnus Megatoot

EUROJUST: Malware targeting millions of people taken down by international coalition

U.S. Department of Justice: U.S. Joins International Action Against RedLine and META Infostealers

Netherlands Police: International investigative services dismantle infostealers (Dutch-language press release)

ESET Research: ESET Online Scanner for Redline and META

Multiple press releases about Redline and Meta information stealers were published today after a 24-hour tease (see parent toot above). The European Union Agency for Criminal Justice Cooperation (EUROJUST) states that international law enforcement from the Netherlands, United States, Belgium, Portugal, the United Kingdom, and Australia shut down three servers in the Netherlands, seized two domains, unsealed charges in the United States and took two people into custody in Belgium. The U.S. Department of Justice (DOJ) indicted Maxim Rudometov, one of the developers and administrators of RedLine Infostealer. "According to the complaint, Rudometov regularly accessed and managed the infrastructure of RedLine Infostealer, was associated with various cryptocurrency accounts used to receive and launder payments and was in possession of RedLine malware." The operation spun off of a tip from ESET last year that malware servers were hosted in the Netherlands. The Dutch press release mentions that a search and seizure was carried out at an infostealer customer's home, and multiple Telegram accounts advertising the infostealers were taken offline. ESET provides a free scanner to detect Redline or Meta infostealers. They provide useful instructions beyond running the scanner.

cc: @campuscodi @briankrebs

#operationmagnus #redline #metastealer #cybercrime #infosec #cybersecurity #cyberthreatintelligence #threatintel #CTI #pressrelease #doj #eurojust #politie

claralistensprechen3rd@friendica.myportal.social

Somebody needs to mention that Firefox has halted support for any Windows under 8, which stinks.


Avoid the Hack! - 2024-10-10 18:04:07 GMT

#Mozilla fixes #Firefox zero-day actively exploited in attacks

Tracked as CVE-2024-9680. A use-after-free vulnerability in part of Firefox’s Web Animations API, which could give the attacker code execution abilities.

Exploited in the wild, but not a lot of information on how users are targeted.

Mozilla has released a fix - users should update ASAP as upgrading is the best defense here against potential exploitation.

#cybersecurity #security #infosec #browsers

bleepingcomputer.com/news/secu…

anonymiss@despora.de

#Windows #Recall demands an extraordinary level of #trust that #Microsoft hasn’t earned

source: https://arstechnica.com/ai/2024/06/windows-recall-demands-an-extraordinary-level-of-trust-that-microsoft-hasnt-earned/

This, as many users in #infosec communities on social media immediately pointed out, sounds like a potential #security #nightmare. That’s doubly true because Microsoft says that by default, Recall’s screenshots take no pains to redact sensitive information, from usernames and passwords to health care information to NSFW site visits. By default, on a #PC with 256GB of storage, Recall can store a couple dozen gigabytes of data across three months of PC usage, a huge amount of personal data.

#bigdata #privacy #bigbrother #cybersecurity #software #os #surveillance #danger #warning #AI #fail #news

hackbyte@friendica.utzer.de

Things are really different in the #fediverse.

If i get a follow/connect/friendship request, it actually matters from _where_ that comes.

shitposter..club? GTFO, *delete*.

mastodon..social? Well, i need to see your profile and latest posts first.

infosec..exchange? Uh?? Well, tell me what you have to say ;)

On shitter, goggle plus, fuckbook and virtually _any_ other "social media" or "dating" site, it's completely irrelevant what your "domain" is.

And while still not using BS, i imagine it's virtually the same over there, cuz you can enter your own domain at will, but are not actually hosting shit at all.......

#infosec #mastodon #shitposter #follow #requests #RandomShit ;)

tresronours@parlote.facil.services

Hackers Claiming Breach of Five Eyes Intelligence Group (FVEY) Documents

A group of hackers has announced the release of sensitive documents purportedly belonging to the Five Eyes Intelligence Group (FVEY), a prominent intelligence alliance comprising Australia, Canada, New Zealand, the United Kingdom, and the United States.

The United States Department of State has launched an investigation into a possible cyber attack after confidential documents, which were reportedly obtained by a malicious actor, were leaked from a government contractor.

Breach Announcement on BreachForums

The announcement was made on a forum known as BreachForums, where a user with the handle “IntelBroker” posted a message to the community.


The post, dated April 2, 2024, claims that the data was obtained by infiltrating Acuity Inc, a company alleged to work closely with the US government and its allies.

According to a recent tweet by HackManac, the alleged security breach at Acuity Inc has resulted in the exposure of highly sensitive intelligence documents belonging to the Five Eyes Intelligence Group (FVEY).

#DataBreach Alert ⚠️ 🇺🇸 #USA: Alleged Acuity Inc breach leads to leak of sensitive Five Eyes Intelligence Group (FVEY) documents. The threat actor group consisting of IntelBroker, Sanggiero, and EnergyWeaponUser claims to have breached Acuity Inc, a federal tech consulting firm,… pic.twitter.com/qGV8IUmkT7

— HackManac (@H4ckManac), April 3, 2024, https://twitter.com/H4ckManac/status/1775402497768628236

The hackers assert that the breach resulted in acquiring full names, emails, office numbers, personal cell numbers, and government, military, and Pentagon email addresses.

⚠️ #BREAKING ⚠️ Allegedly, notorious threat actor IntelBroker, has released National Security Documents and data. Per IntelBroker below.. #Clearnet #DarkWebInformer #Cyberattack #Cybercrime #Infosec #CTI #NSA Documents belonging to the Five Eyes Intelligence.. Compromised Data:… pic.twitter.com/I5n41utQN9

— Dark Web Informer (@DarkWebInformer), April 2, 2024, https://twitter.com/DarkWebInformer/status/1775295354910466200

The compromised data also includes classified information and communications between the Five Eyes countries and their allies.

Implications of the Leak

If confirmed, the leak could have significant implications for national security and the operational integrity of the intelligence-sharing network.

The Five Eyes alliance is known for its collaborative intelligence gathering and analysis efforts, playing a pivotal role in global security operations.

At the time of reporting, there has been no official statement from any of the Five Eyes member countries or Acuity Inc. regarding the authenticity of the leaked documents or the extent of the breach.

The silence from official channels has led to speculation and concern among cybersecurity experts and government officials alike.

Cybersecurity agencies are likely to conduct thorough investigations to ascertain the validity of the claims made by the hackers.

The incident underscores the persistent threat cybercriminals pose to national and international security.


The post Hackers Claiming Breach of Five Eyes Intelligence Group (FVEY) Documents appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
posted by pod_feeder

tresronours@parlote.facil.services

Nemesis Market: Leading Darknet Market Seized

The infamous Nemesis Market, a leading figure in the darknet marketplace ecosystem, has been successfully seized.

This operation dismantles a major hub of illegal online trade, ranging from narcotics to stolen data, affecting thousands of users worldwide.

The Rise of Nemesis Market

Nemesis Market emerged as a dominant player in the darknet space, filling the void left by previous marketplaces that were taken down by law enforcement.


It quickly gained notoriety for its sophisticated security measures, a wide array of illicit goods, and its ability to evade the authorities.

The platform was known for trading in drugs, weapons, stolen identity data, and other illegal goods and services.

The seizure of Nemesis Market was the culmination of Operation Dark Hunt, a coordinated effort by law enforcement agencies in several countries.

The operation involved months of meticulous planning, surveillance, and collaboration between various international cybersecurity units.

Details of the operation remain classified, but sources indicate that combining cutting-edge digital forensics and traditional detective work was vital to infiltrating the market’s defenses.

The breakthrough came when investigators traced transactions to the market’s administrators, leading to their identification and arrest.

According to a recent tweet by Dark Web Informer, the Nemesis Market, one of the top five online marketplaces on the dark web, has been taken down.

🚨BREAKING🚨 Nemesis Market, a top 5 darknet market, has been seized. #Nemesis #DarkWebInformer #DarkWeb #Cybersecurity #Cyberattack #Cybercrime #Infosec #CTI #Darknet pic.twitter.com/P22VDSo79v

— Dark Web Informer (@DarkWebInformer), March 21, 2024, https://twitter.com/DarkWebInformer/status/1770787868975210700

The Impact on the Darknet Landscape

The takedown of Nemesis Market sends a powerful message to the darknet community: no entity is beyond the reach of the law.

This operation has significantly disrupted the supply chains of various illegal goods and services, temporarily decreasing their availability on the dark web.

However, experts warn that the void left by Nemesis Market is likely to be filled by other emerging platforms.

The dynamic nature of the darknet means that as one market falls, others rise to take its place.

Law enforcement agencies know this cycle and continuously develop new strategies to combat illegal online trade.

The Future of Cyber Law Enforcement

The successful seizure of Nemesis Market highlights the growing sophistication and international cooperation of cyber law enforcement.

Agencies are increasingly relying on advanced technology and cross-border collaborations to tackle the challenges posed by the darknet.

As the digital landscape evolves, so do the strategies of those operating within it.

The battle against illegal online marketplaces is ongoing, with both sides continuously adapting to the ever-changing environment.

The seizure of Nemesis Market is a significant milestone in the fight against darknet marketplaces.

It demonstrates the effectiveness of international law enforcement cooperation and the importance of staying ahead in the technological arms race against cybercriminals.

While challenges remain, the takedown of Nemesis Market is a testament to the global commitment to combating cybercrime and protecting citizens from the dangers of the dark web.


The post Nemesis Market: Leading Darknet Market Seized appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
posted by pod_feeder


tresronours@parlote.facil.services

PoC Exploit Released for OpenEdge Authentication Gateway & AdminServer Vulnerability

A Proof of Concept (PoC) exploit has been released for a vulnerability in the OpenEdge Authentication Gateway and AdminServer.

This vulnerability, CVE-2024-1403, affects multiple versions of the OpenEdge platform and could potentially allow unauthorized access to sensitive systems.

Understanding the Vulnerability (CVE-2024-1403)

The vulnerability arises when the OpenEdge Authentication Gateway (OEAG) or the AdminServer is configured with an OpenEdge Domain that utilizes the OS local authentication provider.


This configuration can lead to unauthorized access during login attempts due to a flaw in the authentication routines.

Specifically, the vulnerability allows authentication success to be incorrectly returned from an OE local domain under certain conditions, such as when unexpected content is present in the credentials passed during the login process.

Affected versions include OpenEdge Release 11.7.18 and earlier, OpenEdge 12.2.13 and earlier, and OpenEdge 12.8.0.

The vulnerability has been addressed in the latest updates: OpenEdge LTS Update 11.7.19, 12.2.14, and 12.8.1.

Progress has addressed the issue and has updates in OpenEdge LTS Update 11.7.19, 12.2.14, and 12.8.1.

Impact and Affected Components

The vulnerability has a broad impact, potentially affecting various components of the OpenEdge platform, including:

  • OpenEdge Database access through OEAG

  • AdminServer logins via OpenEdge Explorer (OEE) and OpenEdge Management (OEM)

  • Database Servers accepting OEAG-generated tokens

  • Secure Token Service Utilities

  • Pro2 web application utility for Pro2 management

Ptrace Security GmbH recently tweeted about a security vulnerability, CVE-2024-1403, that affects Progress OpenEdge software.

The vulnerability allows for authentication bypass, potentially putting sensitive information at risk.

CVE-2024-1403 Progress OpenEdge Authentication Bypass https://t.co/unaXvH5iIV #Pentesting #CyberSecurity #Infosec pic.twitter.com/ZlcONLkCWh

— Ptrace Security GmbH (@ptracesecurity), March 8, 2024, https://twitter.com/ptracesecurity/status/1766048766702809288

Mitigation and Upgrade Instructions

A Proof of Concept (PoC) exploit has been made available for a significant vulnerability identified in the OpenEdge Authentication Gateway and AdminServer.

This flaw can potentially be exploited by attackers to gain unauthorized

For users running vulnerable versions of OpenEdge, upgrading to the fixed versions is crucial.

The fixed versions are:

  • Vulnerable version: OpenEdge Release 11.7.18 and earlier; fixed version: OpenEdge LTS Update 11.7.19

  • Vulnerable version: OpenEdge Release 12.2.13 and earlier; fixed version: OpenEdge LTS Update 12.2.14

  • Vulnerable version: OpenEdge Release 12.8.0; fixed version: OpenEdge LTS Update 12.8.1

For those unable to upgrade immediately, temporary mitigation steps include library replacement and domain replacement mitigation for OEAG and AdminServer mitigation strategies, such as using AdminServer Group controls and disabling the AdminService.

The release of the PoC exploit for CVE-2024-1403 underscores the importance of maintaining up-to-date security measures in software systems.

OpenEdge users are urged to review their systems, apply the necessary updates or mitigations, and remain vigilant against potential unauthorized access attempts.


The post PoC Exploit Released for OpenEdge Authentication Gateway & AdminServer Vulnerability appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
posted by pod_feeder

me@social.jlamothe.net

Sitting in a waiting room in a medical imaging place and they have an ad for their app to get your results on a mobile device. Among other things, it reads:
"Permanently store them with bank level encryption" (emphasis theirs)

In my experience, if banks are their gold standard of #infosec, I really don't want my medical data anywhere near this system. Just sayin'.

harald@hub.volse.no
Date: Wed, 10 Jan 2024 06:34:14 -0600
From: BnkIDNorge <bnkidnorge@gmail.com>
To: *******@*******.***
Subject: Valider dataene dine

Sure, we'll fall for that one...

There is, by the way, an extreme amount of this type of phishing scam going around right now. If you get an email claiming to be from BankID, Vipps, Spotify, Netflix, OnePark or anyone else who doesn't usually send you email, be on your guard. In every case it is better to delete it than to walk into the trap!

#phishing #svindel #norsk #infosec

harald@hub.volse.no

BleepingComputer wrote the following post Mon, 27 Nov 2023 19:38:49 +0100

Google Drive users are reporting that recent files stored in the cloud have suddenly disappeared, with the cloud service reverting to a storage snapshot as it was around April-May 2023.

https://www.bleepingcomputer.com/news/google/google-drive-users-angry-over-losing-months-of-stored-data/


Perhaps we can finally dismiss the notion that storing things "in the cloud" is safe now? It's never been true, even though it's rarely as bad as this. You need backups, and you need to have multiple vendors if you do want to use cloud as your storage model.

Also this:

A notable aspect of the situation is that Google's support forums are backed by volunteers with limited insight or understanding of the cloud service (...)

Why would anyone work for free for one of the world's most profitable companies? And one as shitty as Google on top of that. That really baffles me.

#cloud #OtherPeoplesComputers #google #infosec

harald@hub.volse.no

WPScan: Unauthenticated File Upload Vulnerability Addressed in Royal Elementor Addons and Templates 1.3.79

During an investigation of a series of websites being actively compromised we noticed the constant presence of the Royal Elementor Addons and Templates plugin installed. And all sites had at least one malicious file dropped into the /wpr-addons/forms/ directory.

As we reviewed the plugin it was found that the upload ajax action wasn’t properly validating the uploaded file’s extensions, allowing bad actors to bypass the check and drop malicious files to the /wpr-addons/forms/ directory.

Upon identifying the vulnerability, we promptly alerted the plugin development team, who released version 1.3.79 to fix the issue. It is crucial for administrators to ensure their WordPress installations are fully updated to safeguard against this vulnerability.

More on the WPScan blog...

#infosec #wordpress #wpscan
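As an added example (not WPScan's code and not the plugin's), here is the kind of audit a site owner can run over the /wpr-addons/forms/ upload directory mentioned in the post to find files that a form upload should never have produced. The directory path under wp-content/uploads and the extension allowlist are assumptions for illustration.

```php
<?php
// Added example, not WPScan's code or the plugin's own: audit the upload
// directory named in the post for files a form upload should never have
// produced. Usage (path is an assumption):
//   php audit-wpr-forms.php /var/www/html/wp-content/uploads/wpr-addons/forms
declare(strict_types=1);

// Extensions a legitimate form attachment is expected to carry (assumed allowlist).
const ALLOWED_EXTENSIONS = ['jpg', 'jpeg', 'png', 'gif', 'pdf', 'txt', 'csv', 'zip'];

// Extensions a typical web server hands to the PHP interpreter. They are matched
// against every extension segment so "shell.php.jpg" is still caught.
const EXECUTABLE_EXTENSIONS = ['php', 'phtml', 'php3', 'php4', 'php5', 'php7', 'phar', 'phps', 'inc'];

// Files that change how the web server treats the directory.
const SERVER_CONFIG_FILES = ['.htaccess', 'web.config', '.user.ini'];

/**
 * All extension segments of a file name, lowercased:
 * "report.final.PDF" -> ["final", "pdf"], "shell.php.jpg" -> ["php", "jpg"].
 */
function extension_segments(string $name): array {
    $parts = explode('.', strtolower($name));
    array_shift($parts);   // drop the base name
    return $parts;
}

/** Reason a file looks out of place, or null when it passes every check. */
function suspicious_reason(string $path): ?string {
    $name = basename($path);
    if (in_array($name, SERVER_CONFIG_FILES, true)) {
        return 'web server configuration file inside the upload directory';
    }
    $segments = extension_segments($name);
    if (array_intersect($segments, EXECUTABLE_EXTENSIONS)) {
        return 'executable extension present (' . $name . ')';
    }
    $last = $segments === [] ? '' : end($segments);
    if (!in_array($last, ALLOWED_EXTENSIONS, true)) {
        return "extension '$last' is not in the allowlist";
    }
    // Content check: a file with a benign extension must not start with PHP code.
    $head = @file_get_contents($path, false, null, 0, 512);
    if ($head !== false && preg_match('/<\?(php|=)/i', $head)) {
        return 'PHP open tag inside a file with a benign extension';
    }
    return null;
}

/** Walk the directory tree; returns [path => reason] for each suspicious file. */
function audit_directory(string $dir): array {
    $findings = [];
    $iterator = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($dir, FilesystemIterator::SKIP_DOTS)
    );
    foreach ($iterator as $file) {
        if (!$file->isFile()) {
            continue;
        }
        $reason = suspicious_reason($file->getPathname());
        if ($reason !== null) {
            $findings[$file->getPathname()] = $reason;
        }
    }
    ksort($findings);
    return $findings;
}

$dir = $argv[1] ?? 'wp-content/uploads/wpr-addons/forms';
if (!is_dir($dir)) {
    fwrite(STDERR, "not a directory: $dir\n");
    exit(2);
}
$findings = audit_directory($dir);
foreach ($findings as $path => $reason) {
    echo "$path: $reason\n";
}
// Non-zero exit when anything was flagged, so the script can run from cron.
exit($findings === [] ? 0 : 1);
```

A hit on an executable extension or a PHP open tag is a reason to compare the file against a known-good copy of the site and to check the plugin version against 1.3.79, the fixed release named in the post.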

harald@hub.volse.no

WPScan: Finding A RCE Gadget Chain In WordPress Core

During a recent team gathering in Belgium, we had an impromptu Capture The Flag game that included a challenge with an SQL Injection vulnerability occurring inside an INSERT statement, meaning attackers could inject random stuff into the targeted table’s columns, and query information from the database, the intended “flag” being the credentials of a user on the affected blog.

The vulnerable SQL query inserted new rows into the wp_termmeta table, which while we knew it could potentially lead to Object Injection attacks due to the inserted metadata being passed through maybe_unserialize upon retrieval, we didn’t think too much about it since the common thought on the matter was that there was no known current RCE gadget chain in WordPress Core, and thus the challenge was “safe” since it didn’t use any other external plugins.

This proved to be enough to win that flag, however, the thought that there might be an alternative solution to the challenge piqued our curiosity. What if there was a working RCE gadget chain in Core waiting to be found?

Turns out, there was a way, which the WordPress Security Team fixed on version 6.3.2 by preventing several classes used in the final chain from either being unserialized at all, or restricting what some of their unserialized properties may contain.

More on the WPScan blog...

#infosec #wordpress #wpscan
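As an added illustration of the mechanism described above (this is constructed example code, not WordPress Core's maybe_unserialize and not WPScan's chain), the block below shows why refusing to reconstruct objects from stored metadata removes the object-injection foothold: a demo class stands in for a gadget, and its magic method only records that it ran. The class name, the payload and the helper names are all assumptions; it expects PHP 8.

```php
<?php
// Added example, not WordPress Core's or WPScan's code: why refusing to
// unserialize objects from stored metadata neutralises an object-injection
// primitive. DemoGadget stands in for a gadget class; its __wakeup only
// records that it ran. Everything here is constructed for illustration.
declare(strict_types=1);

class DemoGadget {
    public static bool $wakeupRan = false;
    public string $target = '';
    // In a real gadget chain a magic method like this is the entry point.
    public function __wakeup(): void { self::$wakeupRan = true; }
}

// The stored value an attacker would aim to land in a meta table through an
// INSERT-based SQL injection: a serialized DemoGadget. Constructed inline.
$gadget = new DemoGadget();
$gadget->target = 'anything';
$payload = serialize($gadget);

/**
 * Unsafe retrieval pattern: unserialize whatever looks serialized, with every
 * class allowed. Any class whose magic methods fire on unserialize is reachable.
 */
function retrieve_unsafe(string $stored): mixed {
    return unserialize($stored);
}

/**
 * Hardened retrieval: only scalars and arrays are ever reconstructed.
 * With allowed_classes => false, PHP turns every object in the payload into
 * __PHP_Incomplete_Class and runs no constructor, __wakeup or __unserialize.
 */
function retrieve_hardened(string $stored): mixed {
    $value = @unserialize($stored, ['allowed_classes' => false]);
    if ($value === false && $stored !== 'b:0;') {
        return $stored;   // not valid serialized data: keep the raw string
    }
    return $value;
}

/** Recursively refuse a value that still contains any object at all. */
function contains_object(mixed $value): bool {
    if (is_object($value)) {
        return true;
    }
    if (is_array($value)) {
        foreach ($value as $item) {
            if (contains_object($item)) {
                return true;
            }
        }
    }
    return false;
}

// Unsafe path: the gadget's __wakeup runs during retrieval.
DemoGadget::$wakeupRan = false;
retrieve_unsafe($payload);
echo 'unsafe: __wakeup ran = ' . var_export(DemoGadget::$wakeupRan, true) . "\n";

// Hardened path: the object is inert and can be rejected before it is used.
DemoGadget::$wakeupRan = false;
$value = retrieve_hardened($payload);
echo 'hardened: __wakeup ran = ' . var_export(DemoGadget::$wakeupRan, true) . "\n";
echo 'hardened: reconstructed as ' . get_class($value) . "\n";
echo 'hardened: rejected = ' . var_export(contains_object($value), true) . "\n";

// Ordinary array metadata still round-trips through the hardened path.
$options = retrieve_hardened(serialize(['color' => 'blue', 'sizes' => [1, 2]]));
echo 'array payload intact = ' . var_export($options === ['color' => 'blue', 'sizes' => [1, 2]], true) . "\n";
```

The same idea is what the post describes the 6.3.2 fix doing inside Core: some classes are blocked from being unserialized at all, and others have their unserialized properties constrained, so the stored-metadata path no longer reaches a usable chain.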