Beyond the Hack / October 2024
Blaze Information Security
Experts in offensive cybersecurity and penetration testing.
Hey folks,
Q4 is here, and it's shaping up to be as busy as ever. Blaze is sponsoring Black Hat Europe this year, so you'll find us in London this December. If you're heading there too, drop by our booth and say hello – it would be great to catch up in person. Until then, please check out the latest edition of our newsletter. Happy reading!
Cheers, Julio Fort
According to the UK's National Crime Agency (NCA), Evil Corp, a Russian cybercriminal group, collaborated closely with Russian intelligence services, targeting NATO countries in cyberattacks and espionage. Led by Maksim Yakubets, the group relied on his FSB-connected father-in-law, Eduard Benderskiy, for protection. Evil Corp also ran ransomware campaigns, and after the 2019 sanctions, its influence declined. Key members, including Aleksandr Ryzhenkov, have since partnered with the LockBit ransomware gang in further attacks.
The FBI warns of imminent North Korean cyberattacks targeting organizations with significant cryptocurrency assets. State-sponsored actors, including Lazarus and Kimsuky, are expected to use social engineering tactics, such as personalized job offers or investment opportunities, to gain trust and access to systems. Mitigation includes verifying contacts, avoiding executing unknown code during recruitment processes, and securing crypto wallet data on non-internet-connected devices.
Fortinet confirmed a data breach after a threat actor, "Fortibitch," claimed to have stolen 440GB of data from its Microsoft SharePoint server. The breach involved unauthorized access to a third-party cloud-based file drive, affecting less than 0.3% of Fortinet's customers. Fortinet stated that no ransomware or corporate network data was involved. The stolen data is allegedly stored in an S3 bucket, but Fortinet refused to pay the ransom demanded by the threat actor.
Following the Change Healthcare ransomware attack, a new bill has been proposed to mandate cybersecurity standards for healthcare providers in the US. The Health Infrastructure Security and Accountability Act would allocate $1.3 billion to HHS for enforcement and require annual audits of major healthcare organizations. It also proposes stricter penalties for cybersecurity failures, focusing on executive accountability and improving system resilience in the healthcare sector.
As October is Cybersecurity Awareness Month, we have prepared a series of posts sharing what we think organizations and cybersecurity enthusiasts might find valuable, from cybersecurity best practices to the best books for hackers. Follow us on LinkedIn this month for some exciting content. We've kicked it off with Cybersecurity Best Practices for Startups. Check it out!
It's only a couple of months until DORA's provisions start to apply to financial organizations in the EU. If you haven't already checked the technical standards for TLPT, you will find them explained in our article on Threat-Led Penetration Testing (TLPT) under DORA. We break down what financial organizations need to know, from testing phases and methodology to tester requirements.
BSides Berlin
Berlin, Germany / 26 October
Hexacon
Paris, France / 3-4 October
BSides NYC
New York, US / 19 October
Chip War: The Fight for the World's Most Critical Technology by Chris Miller
Chip War explores the global struggle for dominance in semiconductor technology, which powers everything from smartphones to military systems. The book details how the competition between the US, China, Taiwan, and other nations to control chip manufacturing and supply chains impacts global power, innovation, and security. It also examines the historical development of semiconductors and their critical role in shaping the modern world and geopolitical tensions.
Being aware of threats is not enough – take action!
Discover special offers, explore our services and find the right penetration testing solution for your organization's cybersecurity needs.