APT28: Inside Forest Blizzard’s New Arsenal

From logpoint.com

Who is Forest Blizzard?

Forest Blizzard (G0007) is a threat group associated with Russia’s GRU intelligence service and has been active since 2008. The group’s origins can be traced back to the mid-2000s, with operations believed to have started around 2008. The group is attributed to the Russian military intelligence agency, as most of Forest Blizzard’s victims are targeted in ways that indirectly benefit the Russian government.

Who are they targeting?

Forest Blizzard has primarily targeted entities within the North Atlantic Treaty Organization (NATO), NATO-partnered organizations and institutions, organizations in the aerospace and defense sectors, government agencies, hospitality, international sports bodies, and the media. Additionally, Forest Blizzard has been observed conducting cyber operations during the Russia-Ukraine war, further aligning with Russia’s strategic objectives. Forest Blizzard’s targeted regions have mostly been observed in Europe, the South Caucasus, Central Asia, and North and South America.

Law enforcement in focus: Europol launches Capture24 photo competition

From europol.europa.eu

Are you a law enforcement officer with a passion for photography? Then enter your best images to win a trip for two to Europol in The Hague! Capture24 is this year’s edition of Europol’s photo competition, which has brought to light impressive images since its inception. Europol is celebrating the hard work and dedication of law enforcement across the European Union and abroad, and we are seeking photography submissions that illustrate the many ways in which police forces protect citizens on a daily basis. 

Secrets Exposed in Hugging Face Hack

From securityweek.com

AI tool development company Hugging Face informed customers on Friday that it had detected unauthorized access to its Spaces platform. 

Hugging Face Spaces makes it easier for users to create and share machine learning (ML) applications and demos with others. 

According to the company, the unauthorized access to the Spaces platform may have exposed “a subset of Spaces’ secrets”. 

In response, it has revoked tokens present in the compromised secrets and it has notified impacted users.

“We recommend you refresh any key or token and consider switching your HF tokens to fine-grained access tokens which are the new default,” Hugging Face said in a blog post.

CVE-2024-5522 (CVSS 10): Critical Security Flaw Threatens Thousands of WordPress Sites

From securityonline.info

WordPress users who have installed the popular HTML5 Video Player plugin are urged to take immediate action following the discovery of a critical security vulnerability. The flaw, tracked as CVE-2024-5522, allows unauthenticated attackers to inject malicious SQL code into website databases, potentially exposing sensitive information or compromising site integrity.

Defragmentation: Key operating system considerations 

From avira.com

What do the terms fragmentation and defragmentation mean? 

One of the main possible culprits causing your computer to gradually crawl along is a fragmented hard drive. This means that pieces of files have been stored on the hard drive in different partitions — or, in tech terms, logically separated parts of a hard drive. This can happen over time if you change or delete files, creating gaps on the hard drive. 

New files are then saved automatically in the resulting gaps. If the gaps are too large for the new files, they are split across several gaps — resulting in a fragmented file. This isn’t a bad thing in itself, but it can slow down your device. That’s because if you open a fragmented file, the computer has to read it from different locations on the hard drive to display its contents. The same applies to programs, which can also lead to 100% disk usage, slamming the brakes on your device’s performance. 

You can piece together those fragmented files by defragmenting your computer. Your computer will then rearrange the files and programs on the hard drive so that all the fragments sit one after the other. This allows the computer to access the file or program more quickly. It also saves your hard drive from having to spin up and go hunting for file fragments, and can increase its lifespan. You can also use the CHKDSK command to scan and repair your Windows hard drive.

Why Every Multi-Cloud Environment Needs an Application Owner Dashboard

From netography.com

By James Pittman

Organizations have moved to multi-cloud environments to achieve the benefits of business resilience, agility, best-of-breed capabilities, compliance, and cost containment, or due to the result of a merger or acquisition. But distributed environments also introduce a lot of complexity that can make it hard to realize these benefits. 

Customers tell us they are feeling the pain of having SaaS applications distributed across different clouds with multiple application owners responsible for different parts of the application and limited ability to monitor the services they manage. The network monitoring tools in their stacks tend to be built for security engineers or the compliance team with an audit focus, and not application owners. The application owners have insufficient visibility to perform the role they were given, which puts their ability to contribute to the risk management of the environment in jeopardy.

Mystery miscreant remotely bricked 600,000 SOHO routers with malicious firmware update

From theregister.com

Unknown miscreants broke into more than 600,000 routers belonging to a single ISP late last year and deployed malware on the devices before totally disabling them, according to security researchers.

The cyber attack, which wasn’t reported at the time, took place over a 72-hour period between October 25 and 27, 2023. It “rendered the infected devices permanently inoperable, and required a hardware-based replacement,” according to US telco Lumen Technologies’ Black Lotus Labs, which published details about the destructive event on Thursday and named it “Pumpkin Eclipse.”
