Weekly Axis Of Easy #253
Last Week’s Quote was “Our lives begin to end the day we remain silent about things that matter,” by Martin Luther King. Two correct guesses, but Ronan got it first!
This Week’s Quote: “No man is entitled to the blessings of freedom unless he be vigilant in its preservation” … by???
THE RULES: No searching up the answer, must be posted to the blog – the place to post the answer is at the bottom of the post, in the comments section.
The Prize: First person to post the correct answer gets their next domain or hosting renewal on us.
In this issue:
- Massive DDoS Attacks: Killnet Group Targeted Lithuania Government Institutions Websites
- Ransomware Gang Conti: 850 Companies Attacked In Two Years
- Ending Freedom of the Press, Speech, and Expression: The Main Goal of Big Corporations
- Sensitive Information of 1.5 Million Of Flagstar Bank Leaked
- Bumblebee: A New Malware Loader Increasingly Used In Cyberattacks
- Netflix Crashes After ‘Stranger Things 4’ Finale Release
Elsewhere online
- Jailed for Scammer Who Used The Riot Games Co-Founder’s Information To Mine Cryptocurrency
- Privacy Experts worried about ‘Supercookies’ Should You Be Worried?
- Hackers with Amazon Users’ Authentication Tokens Exposed Photos of Users
- Cybercriminals are Using Messenger Chatbots to Steal Login Data
- There was a Mars probe running Windows 98 software for 19 years
Massive DDoS Attacks: Killnet Group Targeted Lithuania Government Institutions Websites
The Pro-Russia group Killnet struck a highly disruptive DDoS attack. The country’s National Cyber Security Center (NKSC) confirmed the attack that occurred on 27 June 2022 and prevented visitors from accessing the website and using services. The attack has been managed, and the sites are back online, but it affected the Secure National Data Transfer Network and private and public sector firms. According to Jonas Skardinskas, NKSC´s Director: “It is highly probable that such or even more intense attacks will continue into the coming days, especially against the communications, energy, and financial sectors.”
After Russia invaded Ukraine, the EU banned Russian exports and blocked the transport of materials like metals and coal to Kaliningrad; Lithuania supported the EU sanctions on the Russian economy, and this caused a row between Russia and Lithuania. The hacktivist group Killnet, known for its support of Russia, responded: in a video, they claimed responsibility for the DDoS attack. Killnet is currently on Telegram posting a list of Luthinian sites targeted by the group.
“The group’s spokesperson told Reuters that Killnet demolished 1,652 web resources and plans to cause more damage soon.” The attack’s impact is considerable: “it disrupted the Secure National Data Transfer Network, which is among the most critical components of the country’s national security in the cyberworld, particularly during wartime.”
Read: https://www.hackread.com/russia-killnet-group-lithuania-sites-ddos-attacks/
Ransomware Gang Conti: 850 Companies Attacked In Two Years
Security firm Group-IB is revealing in a new report that the ransomware operators attacked more than 850 victims, including corporations, government agencies, and even a whole country, and are compromising as many as 40 per month in the past two years. Conti is considered one of the most successful ransomware groups and has been active since late 2019. The group is known for its reputation of never taking a day off and running a professional operation that consistently puts in 14 hours a day, even on weekends.
The first formal recording of Conti ransomware attacks took place in early 2020 and quickly grew in the same year, leaking the data of 173 victims through its dark web portal. Conti is also highly disciplined, both in how it handles the attacks affiliates initiate and how it handles its internal affair, and they attack often and quickly. Their internal structure is very “business-like,” including a “human resources” department. The group has managed to succeed in its attacks and compromised over 40 organizations worldwide. The call is for organizations to update their cybersecurity systems: “I think that maybe the most pervasive problem in cybersecurity today is that most organizations simply don’t understand what they are up against… these threat actors are professional and highly organized operations that invest millions of dollars into hiring talented hackers, providing cutting edge offensive training” said Chris Clements, VP of Solutions Architecture for Cerberus Sentinel
Ending Freedom of the Press, Speech, and Expression: The Main Goal of Big Corporations
The free press has great power and is capable of great things, this is the main reason governments, corporations, and elites have always been fearful of it and historically have been trying to restrict it. Free speech and free press are capable of exposing their lies, destroying their carefully crafted images, and undermining their authority. In the more recent years, social media and alternative journalism have grown, and people are more confident using those as a source of news and information, but in response, big corporations and the mainstream media have been fierce in their intent to silence and censor alternative media outlets and voices.
At the recent World Economic Forum meeting in Davos, Switzerland, “Australian eSafety commissioner” Julie Inman Grant stated that “freedom of speech is not the same thing as a free for all,” and that “we are going to need a recalibration of a whole range of human rights that are playing out online—from freedom of speech … to be free from online violence. These restrictions are increasing all around the globe: The Canadian Government is seeking to restrict independent media and freedom of expression with the implementation of Bill C-11, which aims to regulate online platforms such as TikTok, Spotify, and Youtube. On the other hand, The UK wants to introduce the Online Safety Bill, “ a government’s manifesto commitment to make the UK the safest place in the world to be online while defending free expression.”
Read: https://mises.org/wire/great-reset-action-ending-freedom-press-speech-and-expression
Sensitive Information of 1.5 Million Of Flagstar Bank Leaked
An investigation concluded on June 2, 2022, determined that hackers accessed personal information in an incident that occurred in December 2021. As a result, the Bank declared that they notified the affected individuals, reported to federal law enforcement authorities, and initiated incident response plans. The Michigan-based Flagstar bank also offered two years of free identity monitoring with Kroll and said in a notification letter: “We have no evidence that any of the information has been misused. Nevertheless, out of an abundance of caution, we want to make you aware of the incident.”
However, the Bank asked its clients to monitor their financial statements closely and be vigilant for potential fraud. The company notified that hackers accessed names and other personally identifiable information (PII) and Social Security numbers of 1,547,169 customers, including 1,028 Maine residents, and also said that they initiated incident response protocols after detecting the security breach. Flagstar’s website stated: “Upon learning of the incident, we promptly activated our incident response plan, engaged external cybersecurity professionals experienced in handling these types of incidents, and reported the matter to federal law enforcement.”
Bumblebee: A New Malware Loader Increasingly Used In Cyberattacks
Several prominent ransomware groups have recently been linked to the malware loader Bumblebee and have been used in numerous cyberattacks. The Symantec Threat Hunter Team, part of Broadcom Software, found that the new tool has links to threat groups such as Conti, Quantum, and Mountlocker and may be used as a replacement for Trickbot and BazarLoader. “[Bumblebee] appears to have replaced a number of older loaders, which suggests that it is the work of established actors and that the transition to Bumblebee was pre-planned,” the team wrote in its blog post.
“The initial infection came through a spear-phishing email, which had an attachment of an ISO file. The malicious file in question was equipped with a Bumblebee DLL file and an LNK file, which then loaded the Bumblebee file using rundll32.exe.” The Threat Hunter Team believed there is a connection between the new Bumblebee loader and those used previously by cybercriminals groups; many of these attacks investigated by them also found the use of legitimate software tools within the attacks themselves.
Netflix Crashes After ‘Stranger Things 4’ Finale Release
Netflix’s most popular English-language TV series crashed the network with the release of the season finale “Stranger Things 4.” Their system was overwhelmed when fans logged in to watch.
Although the issue now appears to be resolved, fans took to Twitter to express their dismay. Over 14,000 outages were reported.
Read: https://www.bloomberg.com/news/articles/2022-07-01/stranger-things-4-finale-netflix-crashes-after-fans-overwhelm-streaming-service
Elsewhere online:
Jailed for Scammer Who Used The Riot Games Co-Founder’s Information To Mine Cryptocurrency
Read: https://www.hackread.com/scammer-jailed-riot-games-co-founder-mine-crypto/
Privacy Experts worried about ‘Supercookies’ Should You Be Worried?
Read: https://www.wired.com/story/trustpid-digital-token-supercookie/
Hackers with Amazon Users’ Authentication Tokens Exposed Photos of Users
Read: https://threatpost.com/exposed-amazon-photos/180105/
Cybercriminals are Using Messenger Chatbots to Steal Login Data
Read: https://www.hackread.com/facebook-phishing-scam-crooks-messenger-chatbots-data/
There was a Mars probe running Windows 98 software for 19 years
Read: https://gizmodo.com/mars-express-spacecraft-windows-98-software-marsis-esa-1849114156
Previously on #AxisOfEasy
If you missed the previous issues, they can be read online here:
- June 27th, 2022: Scammers Can Steal Your Selfies For NSFW Purposes On Instagram
- June 20th, 2022: Facebook Messenger Scam: Millions Deceived
- June 13th, 2022: Attacking 5G Via Network Slices: A New Emerging Threat
- June 6th, 2022: Unreasonably Suspicious: The Reason Ottawa Wants To Check Your Phone At The Border
- May 30th, 2022: A Crypto Hack Is More Than A Niche Issue; It Impacts Society As A Whole
Benjamin Franklin
Benjamin Franklin
Edmond Burke
THOMAS HOBBES