Transcript
Claire Aird (0:04)
The EU sanctions three GRU hackers, the administrators of the OTP Agency cybercrime service go to prison, Apple fixes its first zero-day of the year, and DeepSeek limits new user registrations after cyber attacks. This is the Risky Bulletin, prepared by Catalin Cimpanu and read by me, Claire Aird. Today is the 29th of January, and this podcast episode is brought to you by asset inventory and network visibility company runZero.

The European Union has sanctioned three Russian military hackers for cyber attacks against Estonian government agencies in 2020. Sanctions were levied against Yuriy Denisov, Nikolay Korchagin and Vitaly Shevchenko. All three are officers in Unit 29155 in Russia's GRU military intelligence agency. The Estonian government publicly attributed the 2020 hack to the GRU in September 2024. GRU Unit 29155 has operated in secret since 2008 and mostly conducts assassinations and sabotage on foreign soil. The unit branched out into cyber operations in 2020. It's been linked to explosions at Czech ammo depots, an attempted coup in Montenegro, the poisoning of former GRU officer Sergei Skripal, and a bounty program that paid the Taliban tens of thousands of US dollars for each US and NATO soldier killed in Afghanistan. The unit's cyber operations are tracked as Ember Bear, Cadet Blizzard, Frozenvista, UNC2589 and UAC-0056.

Staying with Russia, and the country's intelligence services are recruiting Polish citizens on the dark web to spread disinformation ahead of the country's presidential election in May. According to the Polish government, its citizens are being offered up to €4,000 to spread anti-EU propaganda on social media. The Russian FSB and GRU are allegedly behind the campaign, which kicked off early last year.

Two US Senators have introduced a bill that would instruct the US Department of Commerce to study the national security risks associated with routers and modems manufactured overseas. The bill aims to identify devices that may be under the control of foreign adversary governments and block their sale in the US. The new bill is named the Removing Our Unsecure Technologies to Ensure Reliability and Security, or the ROUTERS Act. It's sponsored by Senators Marsha Blackburn, a Republican of Tennessee, and Ben Ray Luján, Democrat from New Mexico.

Three administrators of a service that allowed cybercriminals to intercept one-time passcodes have been sentenced to prison terms by a judge in the UK. One administrator was sentenced to two years and eight months in prison, while the others received one-year sentences. The three were arrested in March 2021, a month after the site was featured in a Brian Krebs article. The OTP Agency allowed threat actors to enter a victim's phone number, initiate a call posing as a bank and request a token from their banking app.

US officials have extradited a 24-year-old Nigerian man for a sextortion scheme that led to a young man committing suicide. Officials say Hassanbunhussein Abolore Lawal is responsible for the death of Gavin Guffey, a 17-year-old from Rock Hill who took his own life in 2022. Lawal posed as a woman online and solicited sexually explicit images of boys, and the suspect used the images to extort victims for money. Lawal faces life in prison on multiple charges, including child exploitation.

Apple has patched an actively exploited zero-day in its iOS and iOS operating systems. The vulnerability resides in Apple's CoreMedia processing framework. Apple says attackers can abuse malicious media files to elevate their privileges on targeted systems. The company has not shared any other details about the ongoing exploitation.

Staying with Apple, and researchers have disclosed two new side-channel attacks against Apple CPUs that can leak sensitive data. Named SLAP and FLOP, the attacks impact Apple's line of A and M series CPUs. Both attacks can be performed via a web browser. Apple plans to address both attacks in an upcoming security update. The academic team behind the attacks has found almost a dozen side-channel attacks in modern CPUs, such as Meltdown, Spectre, SGX.Fail and RAMBleed.

Chinese AI company DeepSeek has limited new user registrations after what it described as large-scale malicious attacks on its newly launched AI services. The attack took place as the company's app overtook ChatGPT on app stores and as US AI stock prices fell by up to 20%. The attack is believed to be a combination of DoS attacks and API abuse.

Microsoft is testing a new Edge security feature designed to block scareware pop-ups. The feature uses machine learning to detect pop-ups and text typically found in scareware and tech support scams. The feature was initially announced during last year's Microsoft Ignite developer conference.

Cryptocurrency exchange KuCoin has reached a settlement with the U.S. Department of Justice and will leave the U.S. market for two years after it was caught operating an unlicensed money transmitting business. The company has agreed to pay $297 million, representing a regulatory fine and forfeiture for its failure to implement anti-money laundering and know-your-customer protocols. KuCoin will be allowed to re-enter the US market after fixing all issues and registering with US authorities. KuCoin was one of the world's largest crypto exchanges when the Justice Department started an investigation into its operations.

And that is all for this podcast edition. Today's show was brought to you by our sponsor, runZero. Find them at runzero.com. Thanks for your company.
