ShadowTalk Update – Defaced Subreddits, Intel Leak Drama on Twitter, and HIBP Goes Open-Source

ShadowTalk Update – Defaced Subreddits, Intel Leak Drama on Twitter, and HIBP Goes Open-Source
Digital Shadows Analyst Team
Read More From Digital Shadows Analyst Team
August 17, 2020 | 2 Min Read

Alex, Kacey, and Charles host this week’s ShadowTalk, bringing you the latest in threat intelligence. In this episode they cover:

  • Defaced subreddits – which accounts were impacted and what was the cause?
  • An Intel Leak was exposed by a Twitter user – what was exposed and how did it happen?
  • Troy Hunt’s announcement on open-sourcing HIBP – our take on how it will improve the community at large

Listen below 👇👇

ShadowTalk Threat Intelligence Podcast · Weekly: Defaced Subreddits, Intel Leak Drama on Twitter, and HIBP Goes Open-Source

Iranian Fox Kitten campaign targets F5 devices

On 10 Aug 2020, security researchers reported on a Private Industry Notification (PIN) released by the FBI, warning that Iranian activity previously tracked as Fox Kitten is actively targeting F5 networking devices in the United States government and private sectors by attempting to exploit CVE-2020-5902. Fox Kitten is believed to exploit vulnerabilities in staging attacks for larger attacks by Iran’s advanced persistent threat (APT) actors such as “APT33”, “APT34”, and “Chafer”.

Critical vulnerability impacts Intel components

On 11 Aug 2020, Intel Corp warned its customers of a critical severity vulnerability that could lead to an unauthenticated remote attacker achieving an escalation of privileges. This impacts a wide range of Intel products, including motherboards, server systems, and compute modules. The critical flaw stems from improper-authentication mechanisms in Intel products before version 1.59, and is reportedly extremely exploitable, as attackers would not need to be authenticated to exploit.

LockBit targeting US-based small-medium businesses 

On 04 Aug 2020, a report published by Interpol’s Cybercrime Directorate disclosed that ransomware operators of the “LockBit” variant were actively targeting United States-based small-medium businesses (SMBs). The report, which detailed the cybercrime trends and threats amid the COVID-19 pandemic, also found that the “CERBER”, “NetWalker”, and “Ryuk” variants were the most active, and were constantly being developed to maximize the impact of their ransomware attacks.

For more details, read the full Weekly Intelligence Summary here:

Weekly Intelligence Summary 14 August 2020

Access Our Threat Intel In Test Drive

Test Drive SearchLight Free for 7 Days
Try It Now

Connect with us

Related Posts

SeachLight’s Exposed Document Alerts: Uncover the Critical, Faster

SeachLight’s Exposed Document Alerts: Uncover the Critical, Faster

November 23, 2020 | 5 Min Read

BACKING UP...INTO A DITCH I am a terrible...
Holiday Cybercrime: Retail Risks and Dark Web Kicks

Holiday Cybercrime: Retail Risks and Dark Web Kicks

November 19, 2020 | 7 Min Read

The holidays are right around the corner,...
ShadowTalk Update: RegretLocker, OceanLotus, Millions Seized in Cryptocurrency, and more!

ShadowTalk Update: RegretLocker, OceanLotus, Millions Seized in Cryptocurrency, and more!

November 16, 2020 | 2 Min Read

ShadowTalk hosts Stefano, Kim, Dylan, and...
To Code or Not to Code? Cybercriminals and the world of programming

To Code or Not to Code? Cybercriminals and the world of programming

November 12, 2020 | 9 Min Read

If you keep a pulse on the technology sector...