Beyond the Hack / November 2024
Blaze Information Security
Experts in offensive cybersecurity and penetration testing.
Hey folks,
Welcome to this month's Beyond the Hack. We're kicking things off with a fascinating story from Sophos on their 5-year investigation into Chinese hackers—it's a deep dive worth reading. Plus, if you're headed to Black Hat Europe, don't miss out on our exclusive discount code for sessions.
Enjoy the issue, and see you at Black Hat!
Cheers, Julio Fort
Sophos revealed a five-year operation tracking Chinese state-affiliated hackers, specifically APT41, APT31, and Volt Typhoon, exploiting vulnerabilities in its firewalls. The hackers tested intrusion techniques on Sophos devices. Sophos monitored the attackers closely, even planting surveillance code to intercept activity and securing rare malware samples, including a bootkit designed to hide in firewall firmware. The campaigns targeted critical sectors worldwide, including military and energy infrastructure.
The Chinese state-sponsored group "Salt Typhoon" breached multiple U.S. broadband providers, accessing systems involved in court-authorized wiretapping. This critical compromise allowed them to monitor network traffic and possibly exfiltrate sensitive data. Major ISPs like Verizon, AT&T, and Lumen were affected. The U.S. government is investigating the extent of the intrusion, which it considers a major national security threat.
The European Securities and Markets Authority (ESMA) is pushing for mandatory third-party cybersecurity audits for crypto firms under the EU's Markets in Crypto-Assets Regulation (MiCA). Following high-profile breaches, including $1.5 billion stolen in 2024, ESMA sees cybersecurity audits as critical for consumer protection. MiCA already mandates compliance for licensing, but ESMA believes further measures are necessary to safeguard against frequent and severe cyber threats targeting centralized exchanges.
The U.S. Department of Justice, alongside law enforcement agencies from the Netherlands, Belgium, and Eurojust, has announced an international operation disrupting RedLine and META Infostealers—two major malware strains responsible for compromising millions of computers worldwide. The effort, part of Operation Magnus, targeted the current versions of these infostealers, seizing critical infrastructure and halting their widespread data theft operations.
As October is Cybersecurity Awareness Month, we have prepared a series of posts sharing what we think organizations and cybersecurity enthusiasts might find valuable, from cybersecurity best practices to the best books for hackers. Follow us on LinkedIn this month for some exciting content. We've kicked it off with Cybersecurity Best Practices for Startups. Check it out!
We have joined the App Defense Alliance (ADA), partnering with industry leaders like Google, Meta, and Microsoft to strengthen app security across mobile, web, and cloud environments.
Black Hat Europe Discount Alert!
Enjoy the sessions of Black Hat Europe with our exclusive £200 Briefings pass discount. Use code [BLAZE] at registration.
See you there!
Ekoparty
Buenos Aires, Argentina / 13-15 November
BSides Lisbon
Lisbon, Portugal / 14-15 November
Oh My Hack
Warsaw, Poland / 26 November
NullByte Conference
Salvador, Brazil / 30 November
Losing the Signal by Jacquie McNish and Sean Silcoff
Losing the Signal tells the story of how BlackBerry went from dominating mobile phones to crashing hard. It follows BlackBerry's founders as they revolutionized communication with their secure, addictively popular devices but then struggled as the iPhone and Android took over. Internal conflicts, missed opportunities, and a failure to keep up with fast tech changes all led to BlackBerry's decline. It's a story of how even game-changing companies can fall behind.
Being aware of threats is not enough – take action!
Discover special offers, explore our services and find the right penetration testing solution for your organization's cybersecurity needs.