A Russian court convicted a hacker for developing malware and stealing card data from foreigners.
He also donated to Navalny's Anti-Corruption Fund.
We all know why he was convicted. Too bad Russia doesn't prosecute all the other hackers that didn't donate to Navalny.
Catalin Cimpanu
campuscodi@mastodon-social.mostr.pub
Cybersecurity reporter for Risky Business
#infosec #cybersecurity #security
"The SBU cyber experts blocked attempts of russia’s military intelligence to gain access to the combat data exchange system of the Armed Forces of Ukraine."
"The SBU identified nearly 10 malware samples designed to extract information from the system."
SBU links the operation to Sandworm
https://ssu.gov.ua/en/novyny/sbu-exposes-russian-intelligence-attempts-to-penetrate-armed-forces-planning-operations-system


New super clever side-channel attack dropped....
"As in the movie of the same name, Inception plants an “idea” in the CPU while it is in a sense “dreaming”, to make it take wrong actions based on supposedly self conceived experiences. Using this approach, Inception hijacks the transient control-flow of return instructions on all AMD Zen CPUs."
Inception: how a simple XOR can cause a Microarchitectural Stack Overflow – Computer Security Group
Patch Tuesday updates are late? 🤨
Interpol takes down 16Shop phishing-as-a-service platform
Image via ZeroFox:

Notorious phishing platform shut down, arrests in international police operation
The platform sold hacking tools to more than 70,000 users in 43 countries

ZeroFox
16Shop Targets Cash App with Latest Phishing Kit
16Shop released a new phishing kit targeting Cash App, the latest target among other high profile brands in financial services.

BlueSky is not it... how do I go from +33 to -92 just by adding a link to my post... smh
"RedHotel's infrastructure for malware command-and-control, reconnaissance, and exploitation points to administration in Chengdu, China. Its methods align with other contractor groups linked to China's Ministry of State Security (MSS), indicating a nexus of cyber talent and operations in Chengdu."
https://www.recordedfuture.com/redhotel-a-prolific-chinese-state-sponsored-group-operating-at-a-global-scale


lol but true


Newsletter:
Podcast:
-Russian bill to hide the PII data of military, police, and intelligence agents
-Bitfinex 2016 hacker finally uncovered
-Ransomware attack cripples hospitals across five US states
-LetMeSpy shuts down after hack
-Japan's cybersecurity agency impacted in Barracuda hacks
-CISA calls for better UEFI security practices
-Bitter APT=Mysterious Elephant APT
-Major Points.com vulnerabilities
-Python libs get silent security updates


Risky Biz News: Russian bill will hide the PII data of military, police, and intelligence agents
In other news: Bitfinex 2016 hacker finally uncovered; ransomware attack cripples hospitals across five US states; and LetMeSpy shuts down after hack.

Risky Biz News: Ransomware attack cripples hospitals across five US states - Risky Business Media
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Kaitlyn Sawrey.

ACE Responder has released a tool named RogueSliver that can disrupt malware or red-team operations that use the Sliver C2 framework.
It can hijack beacons, send memes to the attacker, or flood and crash C2 servers.

GitHub
GitHub - ACE-Responder/RogueSliver: A suite of tools to disrupt campaigns using the Sliver C2 framework.
