( The Guardian) Bing search results hijacked via misconfigured Microsoft appĪ misconfigured Microsoft application allowed anyone to log in and modify search results in real-time, as well as inject XSS attacks to potentially breach the accounts of Office 365 users. Five western intelligence agencies confirmed the Vulkan files appear to be authentic. The Vulkan files, which date from 2016 to 2021, were leaked by an anonymous whistleblower angered by Russia’s war in Ukraine. Other documents contain what appear to be illustrative examples of potential targets across the US and Canada, as well as details of a nuclear power station in Switzerland. One document links a Vulkan cyber-attack tool with the notorious hacking group Sandworm and the NotPetya malware, while Crystal-2V – is a training program for cyber-operatives in the methods required to bring down rail, air, and sea infrastructure. The company is linked to the federal security service FSB, the GRU and SVR, Russia’s foreign intelligence organization. Thousands of pages of secret documents reveal how engineers at NTC Vulkan in Moscow have worked for Russian military and intelligence agencies to support hacking operations, train operatives before attacks on national infrastructure, and spread disinformation and control sections of the internet. ( The Record) Vulkan files leak reveals Putin’s global and domestic cyberwarfare tactics The company’s chief information security officer, Pierre Jourdan, said the intrusion was the work of highly skilled hackers, stating, “this appears to have been a targeted attack from an Advanced Persistent Threat, perhaps even state sponsored.” 3CX provides office phone systems to more than 12 million daily users at over 600,000 companies, as it claims on its website, including Mercedes-Benz, Coca-Cola, American Express and the United Kingdom’s National Health Service. Hackers may have compromised the networks of thousands of businesses due to a supply-chain attack on the enterprise phone company 3CX, which confirmed on Thursday its desktop app had been bundled with malware. Supply-chain attack on business phone provider 3CX could impact thousands of companies
0 Comments
Leave a Reply. |