Kevin Beaumont
Kevin BeaumontThe people arrested as part of the Co-op and M&S hack investigation have been released on bail.
https://nation.cymru/news/four-people-bailed-after-arrests-over-cyber-attacks-on-ms-co-op-and-harrods/
Previously when this happened with LAPSUS$, they just continued hacking stuff.
Kevin BeaumontI understand the people released have not been charged.
Kevin BeaumontIn fairness the trailer does warn you
Kevin BeaumontThe Amazon War of the Worlds movie is indeed worse than I thought.
β
PlayStation 2 visual effects
β
Amazon are the good guys
β
Joe Rogan and Tucker Carlson tweet integration
Iβd be lying if I said I didnβt enjoy it though.
Kevin BeaumontWhat a time to be alive
Tl;dr of the Scatter Spider LAPSUS$ chat aka fuckmandiantunit221bcr0wdshart is:
- theyβve owned a lot of big companies by phoning them up and asking for access - this includes orgs who havenβt disclosed their incidents
- they also appear to have an Oracle WebLogic exploit (unclear if zero day) and a SAP Netweaver exploit and used that to get inside orgs
- They appear to also be (or owned) ShinyHunters ransomware, as they include internal ShinyHunter emails and IMs.
Kevin BeaumontIt has strong rings of former LAPSUS$ activity due to a range of things, including many of the same victim orgs, screenshots from historic incidents 2021-2022 which werenβt public, targeting Portuguese speaking orgs again, staying up to 4am, the lingo, UK links etc.
They also appear to targeting UK justice system network, goading the NCA and going after more retailers.
Kevin BeaumontThat one was Rockstar Games internal build environment, 100%, from a few years ago. Theyβre also posting screenshots for Victoriaβs Secret etc.
Kevin BeaumontWhat a time to be alive
Tl;dr of the Scatter Spider LAPSUS$ chat aka fuckmandiantunit221bcr0wdshart is:
- theyβve owned a lot of big companies by phoning them up and asking for access - this includes orgs who havenβt disclosed their incidents
- they also appear to have an Oracle WebLogic exploit (unclear if zero day) and a SAP Netweaver exploit and used that to get inside orgs
- They appear to also be (or owned) ShinyHunters ransomware, as they include internal ShinyHunter emails and IMs.
Kevin Beaumonthttps://www.bbc.co.uk/news/live/c1dxndnkq6yt
Kevin BeaumontThe NCA might want to urgently pick up the LAPSUS guys again.
Kevin BeaumontThat one was Rockstar Games internal build environment, 100%, from a few years ago. Theyβre also posting screenshots for Victoriaβs Secret etc.
Kevin BeaumontThe NCA might want to urgently pick up the LAPSUS guys again.
Kevin BeaumontThe CVE Foundation now lists the people involved https://www.thecvefoundation.org/frequently-asked-questions @thecvefoundation@infosec.exchange
Kevin BeaumontAn update on the MITRE ATT&CK situation.
Kevin BeaumontRIP AOL dial up
Kevin BeaumontBattlefield 6 Open Beta early access code, if anybody wants one.
56CZ-RNMK-BCSD-WLGS
Redeem link: https://www.ea.com/games/battlefield/battlefield-6/redeem