Who Was Responsible For Hacking Both IBM & Stanford University?

The threat detection experts at CloudSEK have used their XVigil Artificial Intelligence (AI) platform to identify a post made to a cyber crime forum, where a threat actor has taken credit for hacking exploits.

In a website post the company researchers describe how  an open source automation server platform known as 'Jenkins' is one of the channels used by an as yet unidentified  threat actor in attacks against both IBM and Stanford University. The post contained a sample screenshot as proof of their claimed access to a Jenkins dashboard. 

According to CloudSEK,  the hackers aim to deliver a module containing hidden desktop takeover capabilities by exploiting clicks on seeming innocuous advertisements posted on the Internet. 

CloudSEK say that the Jenkins dashboard bypass contains internal hosts and scripts, in addition to database credentials and logins. On the same forum, CloudSEK found that the actor admitted to targeting IBM, particularly via internal administrators’ scrips and firewall configurations. Then, a private script is deployed to conduct fuzzing and obtain vulnerable instances that are then exploited. 

According to further posts, the hacker say they also targeted IBM and claimed responsibility for hacking Jozef Safarik University in Slovakia and Stanford University.

Cyber security researchers claim that modules such as Jenkins can be used to deliver sophisticated ransomware attacks, making them particularly dangerous. Reports from XVigil suggested government access to the domains was discovered from multiple countries, including Ukraine, United Arab Emirates, Pakistan and Nepal.

CloudSEK researchers say they expect this malicious campaign to ramp up bot infection attempts.

CloudSEK:   TEISS:      Oodaloop:     Infosecurity Magazine:     IT Security Guru:    The Cybersecurity:     Inside

You Might Also Read: 

Lapsus$ Hackers Targeted T-Mobile:
 

« How Do You Solve A Problem Like The Cyber Security Skills Gap?
History Of Cyber Crime - Part 3 - Overview »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

British Insurance Brokers’ Association (BIBA)

British Insurance Brokers’ Association (BIBA)

BIBA is the UK’s leading general insurance intermediary organisation. Use the ‘Find Insurance‘ section of the BIBA website to find providers of cyber risk insurance in the UK.

InfoWatch

InfoWatch

InfoWatch solutions allow you to protect data and information assets that are critically important to your business.

National Agency for Information & Communication Technologies (ANTIC) - Cameroon

National Agency for Information & Communication Technologies (ANTIC) - Cameroon

ANTIC is responsible for regulating the activities of electronic security and regulation of the Internet in Cameroon.

Sumo Logic

Sumo Logic

Sumo Logic simplifies how you collect and analyze machine data so that you can gain deep visibility across your full application and infrastructure stack.

Berwick Partners

Berwick Partners

Berwick Partners’ Cyber Security Practice is a leading recruiter of senior management positions in this field; we have an exceptional understanding of the constantly changing Cyber landscape.

Bright Machines

Bright Machines

Bright Machines delivers intelligent, software-defined manufacturing by bringing together our flexible factory robots with intelligent software, production data and machine learning.

Mosaic 451

Mosaic 451

Mosaic451 is a bespoke IT managed services provider and consultancy specializing in information security, operations and design.

Fiserv

Fiserv

Fiserv offers a wide array of Risk & Compliance solutions to help you prevent losses from fraud and ensure adherence to regulatory and compliance mandates.

Unlimited Technology

Unlimited Technology

Unlimited Technology offers a wide range of talent and experience, from assessing your requirements to implementing technologically advanced security solutions to best fit your needs.

Perygee

Perygee

Perygee is a fully integrated platform for operational security. Companies depend on Perygee to identify and streamline the most important security practices for their operations.

TokenEx

TokenEx

TokenEx Cloud Security Platform protects sensitive data to strengthen our clients' security postures while future-proofing their operations.

Astrill VPN

Astrill VPN

Astrill VPN is a Seychelles based Virtual Private Network(VPN) Company.

Association for Uncrewed Vehicle Systems International (AUVSI)

Association for Uncrewed Vehicle Systems International (AUVSI)

AUVSI is the world's largest nonprofit organization dedicated to the advancement of uncrewed systems and robotics. Focus areas include cyber security for uncrewed systems and robotics.

Flare Systems

Flare Systems

Flare proactively detects and remediates exposure across the clear & dark web, providing organizations with the equivalent of an automated cyber reconnaissance team.

Strategic Technology Solutions (STS)

Strategic Technology Solutions (STS)

Strategic Technology Solutions specialize in providing Cybersecurity and Managed IT Services to the legal industry.

ClearSky Cyber Security

ClearSky Cyber Security

ClearSky cyber security provides cyber solutions, focused on threat intelligence services, mainly for the financial sector, critical infrastructure, public sector and the pharma sector.