Friday 14th April 2023
CTI Weekly: US Intelligence Leak Links Russia to Threat Actors
Highly confidential intelligence documents, allegedly leaked from the US Pentagon, reveal communications between a Russian government agent and pro-Russian cyber threat actors.
The leaked documents include details of US satellite surveillance capabilities and references to intercepted communications between a pro-Russian hacktivist group and Russia’s intelligence agency, in which the group claims to have gained access to a Canadian gas pipeline.
If accurate, this would represent the first known instance of a pro-Russian hacktivist group conducting a disruptive operation against Western industrial control systems. The findings suggest cooperation between pro-Russian hacktivist groups and Russian state organizations, further suggesting that the Russian state supports, or at least coordinates with, pro-Russian threat actors whose motivations align with the government’s objectives.
Microsoft has fixed a zero-day vulnerability in Windows Common Log File System drivers that was being exploited to escalate privileges and deploy Nokoyawa ransomware.
Apple has released emergency security updates to address two zero-day vulnerabilities affecting various devices amid unconfirmed reports of active exploitation.
The data of several companies has been leaked through ChatGPT prompts, highlighting the need for corporate policies on the use of AI services.
Hyundai has reported a data breach that affected an undisclosed number of customers in Italy and France due to a database compromise.
State Use of Malware
QuaDream, an Israeli company, has been selling the REIGN platform to governments. This platform consists of exploits, malware, and infrastructure used to extract data from mobile devices. An update regarding this is provided in the full intelligence summary.