Beyond the Hack / December 2024
Blaze Information Security
Experts in offensive cybersecurity and penetration testing.
Hey folks,
December has always been my favorite month – not for the holidays but for the Chaos Communication Congress in Hamburg. There’s nothing quite like wrapping up the year among the sharpest minds in cybersecurity. If you’re heading there, let’s catch up – I’ll be around.
Before that, you can also meet me and the Blaze team at Black Hat EU in London on December 11-12, which we’re sponsoring this year. Swing by our booth, grab some swag and say hi. Oh, we’re giving away 10 Flipper Zeros at Black Hat - don’t miss out!
I wish you all a secure and happy holiday season. See you out there or in the new year.
Cheers, Julio Fort
T-Mobile has been confirmed as a target of Salt Typhoon, the Chinese-linked cyber-espionage campaign that has compromised U.S. and international telecom infrastructure. The attackers exploited vulnerabilities, including in Cisco routers, to reach the communications of senior U.S. officials, capturing call records, unencrypted text messages and data from the systems carriers use to service court-authorized wiretap requests. T-Mobile says it has found no significant impact on customer data; even so, U.S. officials and lawmakers have described the months-long operation as one of the most serious telecom breaches in the country's history.
Legal documents in the WhatsApp v. NSO Group case reveal that NSO Group, rather than its clients, directly controls and uses Pegasus spyware to extract data by targeting specific phone numbers. Depositions show NSO employees acknowledged misuse, including in cases like Princess Haya of Dubai, whose phone was hacked by UAE authorities using Pegasus. This contradicts NSO's claims that clients control operations. WhatsApp seeks summary judgment, leveraging testimony that Pegasus directly accessed WhatsApp's servers for targeting.
Germany's Federal Ministry of Justice has proposed amendments to its computer crime law to shield IT security researchers from criminal liability when they identify security gaps. Federal Justice Minister Dr. Marco Buschmann stated, "Anyone who wants to close IT security gaps deserves recognition - not a letter from the public prosecutor." The draft also includes harsher penalties for serious cybercrimes, particularly those compromising critical infrastructure or committed for financial gain. This marks a sharp departure from § 202c StGB, the so-called "hacker paragraph" added to the German Criminal Code in 2007, which made it illegal to possess, use, produce or distribute "hacking tools" and came close to outlawing security research in the country.
Finastra, a financial software provider for 45 of the world's top 50 banks, confirmed a data breach on its Secure File Transfer Platform detected on November 7, 2024. Cybercriminal "abyss0" allegedly stole 400GB of client data, including banking information, offering it for sale on cybercrime forums. Initial findings suggest compromised credentials were used.
The Health Care Cybersecurity and Resiliency Act of 2024, introduced on November 17, mandates new cybersecurity measures for the healthcare sector, including improved coordination between HHS and CISA, and a required cyber incident response plan within a year. The bill focuses on modernizing HIPAA regulations to enforce best cyber practices and offers grants to enhance cyberattack prevention, training, and breach resilience.
Check out our recently updated DORA ebook and the latest requirements for performing threat-led penetration testing. Get practical advice on how to prepare for the Digital Operational Resilience Act (DORA), which applies from 17 January 2025.
Win gadgets for cybersecurity specialists!
Our virtual booth is already live for everyone attending Black Hat. Here, you can book a meeting with our experts, download materials, and preview some of the cool swag we’ve prepared. Prizes include Flipper Zeros, hoodies, and socks from Stand4Socks—a brand that supports vulnerable people in need by donating warm, quality socks for every pair sold.
Black Hat Europe
London, UK / 11-12 December
BSides, London
London, UK / 14 December
Chaos Communication Congress (38C3)
Hamburg, Germany / 27-30 December
Cyber culture: "Surveilled" (2024, HBO, 60 min).
In "Surveilled", Pulitzer Prize-winning journalist Ronan Farrow explores the global spyware industry, and NSO Group's Pegasus in particular. Although Pegasus has been extensively reported on, the documentary remains fast-paced and engaging, enriched by interviews with NSO employees, ex-employees, buyers of the spyware, and experts such as researchers from Citizen Lab. Notably, the revelations from the WhatsApp lawsuit exposing NSO's direct role in operating Pegasus emerged just before the documentary's release, casting its findings in an even more troubling light.
Being aware of threats is not enough – take action!
Discover special offers, explore our services and find the right penetration testing solution for your organization's cybersecurity needs.