News

Octo Tempest hacking group and new iLeakage attack

Dan Virgillito
October 30, 2023 by
Dan Virgillito

Microsoft warns of Octo Tempest’s financial exploits, new iLeakage attack sees threat actors steal emails and passwords from Safari web browser and Flipper Zero Bluetooth spam. Catch all this and more in this week’s edition of Cybersecurity Weekly.

Phishing simulations & training

Phishing simulations & training

Build the knowledge and skills to stay cyber secure at work and home with 2,000+ security awareness resources. Unlock the right subscription plan for you.

1. Microsoft labels Octo Tempest as one of the most dangerous financial cybercrime groups

Microsoft has shared key details about Octo Tempest, an English-speaking hacker group known for its advanced social engineering tactics. Initially focused on account theft, the group transitioned to ransomware attacks and data extortion, partnering with the ALPHV/BlackCat ransomware group. Techniques like mimicking speech patterns, SIM-swapping, and direct threats help them target tech administrators. With varied methods to conceal their actions, their primary goal is financial gain through cryptocurrency theft and ransom.

Read more »

2. New iLeakage attack exploits emails and other sensitive info from Apple Safari

Security researchers have identified a new vulnerability in Apple products that causes the Safari browser to unintentionally disclose user login details. Named "iLeakage," this flaw affects Macs and iPhones from 2020 onward equipped with Apple’s A-series and M-series chips. By exploiting the "speculative execution" feature in CPUs, attackers can access sensitive data, such as Gmail or Instagram credentials. Although Apple has been notified and offered a manual fix, a more comprehensive solution has yet to be released.

Read more »

3. Flipper Zero can now perform Bluetooth spam attacks on Android and Windows devices

Flipper Zero's custom third-party firmware now allows it to send spam Bluetooth messages to Apple, Android, and Windows devices. When loaded with the Xtreme developer build, the device uses the BLE Spam app to flood devices with pop-ups. While merely inconvenient for Android and Windows users, it can render Apple devices unresponsive. The best defense against this tactic is simply turning off Bluetooth through device settings.

Read more »

4. France warns of Russian state-sponsored attacks on critical networks

French security agency ANSSI recently warned of the Russia-linked APT28 group's aggressive targeting of French critical networks. Utilizing techniques to evade detection, APT28 has even opted against deploying backdoors in some compromised systems. Their recent tactics include exploiting zero-day vulnerabilities and compromising routers and email accounts. Given these exploits, ANSSI strongly recommends public entities to bolster their cybersecurity.

Read more »

5. Ransomware breach at Seiko puts 60,000 sensitive records at risk

Japanese watchmaker Seiko recently disclosed a ransomware attack exposing 60,000 records of sensitive data. The BlackCat/ALPHV gang claimed responsibility for the attack, alleging theft of sensitive documents, including employee passport scans and technical schematics. Researchers believe they gained access to Seiko's from an initial access broker just a day before detection. While Seiko confirmed various types of data leaks, they clarified that credit card information remained secure.

Read more »

Phishing simulations & training

Phishing simulations & training

Build the knowledge and skills to stay cyber secure at work and home with 2,000+ security awareness resources. Unlock the right subscription plan for you.

Dan Virgillito
Dan Virgillito

Dan Virgillito is a blogger and content strategist with experience in cyber security, social media and tech news.