Security Queens Hello World!
July Newsletter

 

Can you believe we're over halfway through the year?! Summer is in full swing, and it's been a little quieter in Security Queens HQ... but fear not, the Queens have loads planned for the rest of 2023 - so watch this space!

Cyber criminals don't have summer holidays, and that's been quite evident as we move onto this month's industry news.

Hacktivist gang Anonymous Sudan took down fan fiction site AO3 and has claimed the Reddit DDoS attack. Anonymous Sudan downed the popular fan fiction site Archive of Our Own (AO3) with a distributed denial of service (DDoS) attack and claimed to have disabled Reddit with a similar attack for over two hours. The group reportedly said it was taking action due to the nature of the content the website features.

Earlier this month, HCA Healthcare patient data was stolen and listed for sale by hackers. According to the company, a dataset of approximately 27 million rows was stolen and includes patients' personal information and visit records. The hack reportedly affects patients in nearly two dozen states, including facilities in Florida and Texas.

Recently, the source code for the BlackLotus Windows UEFI malware was leaked on GitHub. The leak has allowed greater insight into malware that has caused great concern among enterprises, governments, and the cybersecurity community. BlackLotus is a Windows-targeting UEFI bootkit that bypasses Secure Boot on fully patched Windows 11 installs, evades security software, persists on an infected system, and executes payloads with the highest level of privileges in the operating system.

A Chinese APT backdoor has been found in a Pakistani Government application. Trend Micro has discovered a sample of ShadowPad, a sophisticated backdoor used by various Chinese-sponsored threat actors, in an application built by the National Information Technology Board (NITB), a Pakistani government entity.

Hundreds of individuals working for defence and intelligence agencies around the globe have had their names and emails accidentally exposed by an employee at Google in a VirusTotal leak. A list of 5,600 of the repository’s customers was uploaded, accidentally, to the platform itself. The list identifies individuals affiliated with U.S. Cyber Command and the National Security Agency, as well as with the Pentagon, the FBI, and a number of U.S. military service branches.

Ofcom says it won’t pay ransom, as new MOVEit hack victims come forward. More victims of the mass-hacks targeting users of MOVEit Transfer, a popular file-transfer application, are coming forward as the number of known impacted organizations reaches almost 400.

And finally, the hardest news this month: we are sad to report the unfortunate passing of Kevin Mitnick. Kevin, a hacker who famously served time in prison for various computer and communications-related crimes, passed away after a battle with pancreatic cancer. He was 59 and at the time of his death was Chief Hacking Officer at training firm KnowBe4. We would like to share our condolences with friends, family and those affected at this moment in time.

As always you can find our most recent posts below...

Lots of love,

The Security Queens xxx

👸🏼👸🏻
