Who Was Responsible For Hacking Both IBM & Stanford University?

Uploaded on 2022-07-11 in TECHNOLOGY--Hackers, FREE TO VIEW

The threat detection experts at CloudSEK have used their XVigil Artificial Intelligence (AI) platform to identify a post made to a cyber crime forum, where a threat actor has taken credit for hacking exploits.

In a website post the company researchers describe how  an open source automation server platform known as 'Jenkins' is one of the channels used by an as yet unidentified  threat actor in attacks against both IBM and Stanford University. The post contained a sample screenshot as proof of their claimed access to a Jenkins dashboard. 

According to CloudSEK,  the hackers aim to deliver a module containing hidden desktop takeover capabilities by exploiting clicks on seeming innocuous advertisements posted on the Internet. 

CloudSEK say that the Jenkins dashboard bypass contains internal hosts and scripts, in addition to database credentials and logins. On the same forum, CloudSEK found that the actor admitted to targeting IBM, particularly via internal administrators’ scrips and firewall configurations. Then, a private script is deployed to conduct fuzzing and obtain vulnerable instances that are then exploited. 

According to further posts, the hacker say they also targeted IBM and claimed responsibility for hacking Jozef Safarik University in Slovakia and Stanford University.

Cyber security researchers claim that modules such as Jenkins can be used to deliver sophisticated ransomware attacks, making them particularly dangerous. Reports from XVigil suggested government access to the domains was discovered from multiple countries, including Ukraine, United Arab Emirates, Pakistan and Nepal.

CloudSEK researchers say they expect this malicious campaign to ramp up bot infection attempts.

CloudSEK:   TEISS:      Oodaloop:     Infosecurity Magazine:     IT Security Guru:    The Cybersecurity:     Inside

You Might Also Read: 

Lapsus$ Hackers Targeted T-Mobile:
 

« How Do You Solve A Problem Like The Cyber Security Skills Gap?
History Of Cyber Crime - Part 3 - Overview »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

aizoOn Technology Consulting

aizoOn Technology Consulting

aizoOn is a technology consulting company offering a range of services including IoT & embedded security, mobile security, cybersecurity assessments, risk & compliance, network monitoring and more.

Cybsecurity Foundation (CSF)

Cybsecurity Foundation (CSF)

Cybsecurity is a non-profit NGO, which aims to work on improvement of security levels in the Polish cyberspace.

Capita

Capita

Capita is a consulting, digital services and software business, providing end-to-end enterprise IT services and solutions focused around digital transformation and innovation.

K2 Integrity

K2 Integrity

K2 Integrity is a preeminent risk, compliance, investigations, and monitoring firm - built by industry leaders to safeguard our clients’ operations, reputations, and economic security.

V-Key

V-Key

V-Key is a global leader in software based digital security, providing solutions for mobile identity, authentication, authorization, and mobile payments for major banks.

Proficio

Proficio

Proficio is a world-class Managed Security Service Provider providing managed detection and response solutions, 24×7 security monitoring and advanced data breach prevention services worldwide.

Metro Systems

Metro Systems

Metro Systems offer fully integrated IT solutions & services covering Digital Transformation, Digital Infrastructure, Cyber Security and Training.

redGuardian

redGuardian

redGuardian is a DDoS mitigation solution available both as a BGP-based service and as an on-premise platform.

ICS-CSR

ICS-CSR

ICS-CSR is a research conference bringing together researchers with an interest in the security of industrial control systems.

Antares NetlogiX

Antares NetlogiX

Antares Netlogix are a leading Austrian service provider for IT security, critical infrastructures and managed security services.

Char49

Char49

Char49 specialize in Penetration Testing, Red Team Assessment, Social Engineering and Security Research.

Datenschutz Schmidt

Datenschutz Schmidt

Datenschutz Schmidt is a service provider with many years of experience, we support you in complying with numerous data protection guidelines, requirements and laws.

Arcanna.ai

Arcanna.ai

Using a wide range of out-of-the box integrations, Arcanna.ai continuously learns from existing enterprise cybersecurity experts and scales your team’s capacity to deal with threats.

Logiq Consulting

Logiq Consulting

Logiq Consulting provide a full range of Cyber Security, Information Assurance and System Engineering services.

InfoSecTrain

InfoSecTrain

InfoSecTrain are a leading training and consulting organization dedicated to providing top-tier IT security training and information security services to organizations and individuals across the globe

StepSecurity

StepSecurity

StepSecurity provides a comprehensive security platform for GitHub Actions.