We're Moving! - Websites, That Is
Threat Intelligence / ShadowTalk Update – Defaced Subreddits, Intel Leak Drama on Twitter, and HIBP Goes Open-Source

ShadowTalk Update – Defaced Subreddits, Intel Leak Drama on Twitter, and HIBP Goes Open-Source

ShadowTalk Update – Defaced Subreddits, Intel Leak Drama on Twitter, and HIBP Goes Open-Source
Digital Shadows Analyst Team
Read More From Digital Shadows Analyst Team
August 17, 2020 | 2 Min Read

Alex, Kacey, and Charles host this week’s ShadowTalk, bringing you the latest in threat intelligence. In this episode they cover:

  • Defaced subreddits – which accounts were impacted and what was the cause?
  • An Intel Leak was exposed by a Twitter user – what was exposed and how did it happen?
  • Troy Hunt’s announcement on open-sourcing HIBP – our take on how it will improve the community at large

Listen below 👇👇

ShadowTalk Threat Intelligence Podcast · Weekly: Defaced Subreddits, Intel Leak Drama on Twitter, and HIBP Goes Open-Source

Iranian Fox Kitten campaign targets F5 devices

On 10 Aug 2020, security researchers reported on a Private Industry Notification (PIN) released by the FBI, warning that Iranian activity previously tracked as Fox Kitten is actively targeting F5 networking devices in the United States government and private sectors by attempting to exploit CVE-2020-5902. Fox Kitten is believed to exploit vulnerabilities in staging attacks for larger attacks by Iran’s advanced persistent threat (APT) actors such as “APT33”, “APT34”, and “Chafer”.

Critical vulnerability impacts Intel components

On 11 Aug 2020, Intel Corp warned its customers of a critical severity vulnerability that could lead to an unauthenticated remote attacker achieving an escalation of privileges. This impacts a wide range of Intel products, including motherboards, server systems, and compute modules. The critical flaw stems from improper-authentication mechanisms in Intel products before version 1.59, and is reportedly extremely exploitable, as attackers would not need to be authenticated to exploit.

LockBit targeting US-based small-medium businesses 

On 04 Aug 2020, a report published by Interpol’s Cybercrime Directorate disclosed that ransomware operators of the “LockBit” variant were actively targeting United States-based small-medium businesses (SMBs). The report, which detailed the cybercrime trends and threats amid the COVID-19 pandemic, also found that the “CERBER”, “NetWalker”, and “Ryuk” variants were the most active, and were constantly being developed to maximize the impact of their ransomware attacks.

For more details, read the full Weekly Intelligence Summary here:

Weekly Intelligence Summary 14 August 2020

Related Blog Posts

We’re Moving! – Websites, That Is

We’re Moving! – Websites, That Is

December 15, 2022 | 1 Min Read

We’re excited to announce the next phase of...
APT Spotlight Series: Sandworm

APT Spotlight Series: Sandworm

December 8, 2022 | 4 Min Read

This blog is the latest in our series taking a...
Vulnerability Intelligence Roundup: Five lessons learned since Log4Shell

Vulnerability Intelligence Roundup: Five lessons learned since Log4Shell

November 29, 2022 | 4 Min Read

As the holiday season approaches, my family has...