Cloudflare has shut down accounts on its platform used by a Russian threat actor known as FlyingYeti to launch phishing attacks on Ukrainian users and organizations.
https://blog.cloudflare.com/disrupting-flyingyeti-campaign-targeting-ukraine
A coalition of international law enforcement agencies has taken down servers from multiple malware-loader botnets
Listed "victims" include:
-IcedID
-SystemBC
-Pikabot
-Smokeloader
-Bumblebee
-Trickbot
LEA calls the campaign Operation Endgame: https://operation-endgame.com/
More than three months after NIST stopped enriching the NVD database, the organization has yet to resume its normal activity.
93% of all vulnerabilities added to the NVD database over the last three months still lack crucial information.
According to a report from security firm VulnCheck, NIST's involvement with the NVD is slowing down, with fewer vulnerabilities processed with each passing week.
Just think about it!
In just 14 days, Microsoft pivoted from "do security" in an internal memo on May 5 to "let's install spyware on everyone's PC" on May 21.
That must be a world record in bad corporate management
Russian security firm FACCT has spotted a threat actor targeting Russian companies with a leaked version of the LockBit ransomware.
The most interesting part is that FACCT refers to the group using a "werewolf" moniker.
The werewolf term is typically used by Russian security firms to refer to state-sponsored groups.
@metacurity yeah there is.... it's called DDG
This is just one of the many tweets that are flooding Twitter these days praising Telegram and discouraging users from using Signal with stupid NSA and FBI conspiracy theories.
Under no scenario should you have Telegram installed on your phone. It's basically the Hulk Hogan of E2EE apps
LockBitSupp doing the media tour with the same boring ass "you got the wrong guy" routine that all the previous ransomware dudes attempted and failed
A Prospect article argues that News of the World, a newspaper owned by Rupert Murdoch, didn't just hack the phones of celebrities and politicians to get scoops, but also stole data to help its owner's business empire's commercial endeavors.
@metacurity that's a little bit excessive 🫠
@simontsui Kaspersky has said a while back they will stop doing attribution—most likely because they'd just have to attribute most groups to RU allies like Iran, DPRK, and China and they don't wanna rock the political boat.
They know exactly who this is
Police chiefs from 32 European countries have called on governments and industry groups to stop tech companies from rolling out end-to-end encryption (E2EE)
Minecraft RANDAR exploit lets you find the in-game location of any player by looking at how pieces of a broken block fall
Gentoo has banned AI-generated code
https://www.mail-archive.com/gentoo-dev@lists.gentoo.org/msg99042.html
It has now been officially two months since the NIST NVD stopped enriching CVEs with additional metadata and details, and we still don't know what exactly happened.
According to VulnCheck's Patrick Garrity, the infosec community isn't waiting for NIST to get its business in order, and unprocessed CVEs are piling up more each day.
https://www.linkedin.com/feed/update/urn:li:activity:7184577753583673344/
MGM Resorts sued the FTC to stop an investigation into how it dealt with a cybersecurity attack last year
Cisco Duo discloses a data breach
The Natto Thoughts team has published a profile on APT-doxing group Intrusion Truth.
https://nattothoughts.substack.com/p/intrusion-truth-methods-how-can-they
PasteHub, an anonymous note-sharing service integrated with BerachForums, appears to have been seized by law enforcement
Let's hope for its users it was really "anonymous"
The developers of the Notepad++ text editor have asked users to help report a new website impersonating its brand and ranking high in search results
https://notepad-plus-plus.org/news/help-to-take-down-parasite-site/
Cybersecurity reporter for Risky Business #infosec #cybersecurity #security