Alex, Kacey, and Charles host this week’s ShadowTalk, bringing you the latest in threat intelligence. In this episode they cover:

  • Defaced subreddits – which accounts were impacted and what was the cause?
  • An Intel Leak was exposed by a Twitter user – what was exposed and how did it happen?
  • Troy Hunt’s announcement on open-sourcing HIBP – our take on how it will improve the community at large

Listen below 👇👇

Iranian Fox Kitten campaign targets F5 devices

On 10 Aug 2020, security researchers reported on a Private Industry Notification (PIN) released by the FBI, warning that Iranian activity previously tracked as Fox Kitten is actively targeting F5 networking devices in the United States government and private sectors by attempting to exploit CVE-2020-5902. Fox Kitten is believed to exploit vulnerabilities in staging attacks for larger attacks by Iran’s advanced persistent threat (APT) actors such as “APT33”, “APT34”, and “Chafer”.

Critical vulnerability impacts Intel components

On 11 Aug 2020, Intel Corp warned its customers of a critical severity vulnerability that could lead to an unauthenticated remote attacker achieving an escalation of privileges. This impacts a wide range of Intel products, including motherboards, server systems, and compute modules. The critical flaw stems from improper-authentication mechanisms in Intel products before version 1.59, and is reportedly extremely exploitable, as attackers would not need to be authenticated to exploit.

LockBit targeting US-based small-medium businesses 

On 04 Aug 2020, a report published by Interpol’s Cybercrime Directorate disclosed that ransomware operators of the “LockBit” variant were actively targeting United States-based small-medium businesses (SMBs). The report, which detailed the cybercrime trends and threats amid the COVID-19 pandemic, also found that the “CERBER”, “NetWalker”, and “Ryuk” variants were the most active, and were constantly being developed to maximize the impact of their ransomware attacks.

For more details, read the full Weekly Intelligence Summary here:

Weekly Intelligence Summary 14 August 2020