Afternoon Dessert – 2023-01-26


Welcome to another Afternoon Dessert breakout:

Is Once-Yearly Pen Testing Enough for Your Organization?
Any organization that handles sensitive data must be diligent in its security efforts, which include regular pen testing. Even a small data breach can result in significant damage to an organization’s reputation and bottom line.
There are two main reasons why regular pen testing is necessary for secure web application development:

Security: Web applications are constantly evolving, and new
Read more….

Yandex denies hack, blames source code leak on former employee
A Yandex source code repository allegedly stolen by a former employee of the Russian technology company has been leaked as a Torrent on a popular hacking forum. […]
Read more….

Hive ransomware dark web sites seized by law enforcement
Today, the Hive ransomware Tor payment and data leak sites were seized as part of an international law enforcement operation involving the US Department of Justice, FBI, Secret Service, Europol, and Germany’s BKA and Polizei. […]
Read more….

Researchers Uncover Connection b/w Moses Staff and Emerging Abraham’s Ax Hacktivists Group
New research has linked the operations of a politically motivated hacktivist group known as Moses Staff to another nascent threat actor named Abraham’s Ax that emerged in November 2022.
This is based on “several commonalities across the iconography, videography, and leak sites used by the groups, suggesting they are likely operated by the same entity,” Secureworks Counter Threat Unit (CTU) said 
Read more….

Researchers Release PoC Exploit for Windows CryptoAPI Bug Discovered by NSA
Proof-of-concept (PoC) code has been released for a now-patched high-severity security flaw in the Windows CryptoAPI that the U.S. National Security Agency (NSA) and the U.K. National Cyber Security Centre (NCSC) reported to Microsoft last year.
Tracked as CVE-2022-34689 (CVSS score: 7.5), the spoofing vulnerability was addressed by the tech giant as part of Patch Tuesday updates released in
Read more….

GoTo admits: Customer cloud backups stolen together with decryption key
We were going to write, “Once more unto the breach, dear friends, once more”… but it seems to go without saying these days.
Read more….

Google Takes Down 50,000 Instances of Pro-Chinese DRAGONBRIDGE Influence Operation
Google on Thursday disclosed it took steps to dismantle over 50,000 instances of activity orchestrated by a pro-Chinese influence operation known as DRAGONBRIDGE in 2022.
“Most DRAGONBRIDGE activity is low quality content without a political message, populated across many channels and blogs,” the company’s Threat Analysis Group (TAG) said in a report shared with The Hacker News. “However, a
Read more….

Hive Ransomware Infrastructure Seized in Joint International Law Enforcement Effort
The infrastructure associated with the Hive ransomware-as-a-service (RaaS) operation has been seized as part of a coordinated law enforcement effort involving 13 countries.
“Law enforcement identified the decryption keys and shared them with many of the victims, helping them regain access to their data without paying the cybercriminals,” Europol said in a statement.
The U.S. Department of
Read more….

UK warns of increased attacks from Russian, Iranian hackers
The U.K. National Cyber Security Centre (NCSC) has issued a warning of Russian and Iranian state-sponsored hackers increasingly targeting organizations and individuals. […]
Read more….

S3 Ep119: Breaches, patches, leaks and tweaks! [Audio + Text]
Latest episode – listen now! (Or read the transcript.)
Read more….

Google nukes 50,000 accounts pushing Chinese disinformation
Google’s Threat Analysis Group terminated tens of thousands of accounts linked to a group known as “Dragonbridge” or “Spamouflage Dragon” that is disseminating pro-Chinese disinformation across multiple online platforms. […]
Read more….
