Israel cybersecurity agency says no breach after senior official self-infects home PC with malware
Israel’s National Cybersecurity Directorate said there was ‘no breach’ of its network after passwords belonging to a senior agency official were stolen from their home computer earlier this year and published online.
The cache contained saved credentials, credit card numbers and auto-filled passwords from the official’s home computer, including passwords that relate to the senior official’s work at the INCD, such as threat detection services and other internal Israeli government systems.
A desktop screenshot of the official’s home computer taken at the time of compromise and bundled in the cache of stolen credentials shows the INCD official mistakenly infecting their home computer with the RedLine malware. The screenshot prominently features a virtual machine running FlareVM, custom software used by cybersecurity professionals for reverse-engineering and analyzing malware, with a sample of RedLine on the virtual machine’s desktop.
RedLine is a notorious password-stealing malware, which was attributed to last year’s hack at Uber and the theft of login details from Worldcoin Orb operators.
When asked about the incident, INCD said the agency official ‘reported in accordance with our established security protocols,’ but did not say when, or how long after the incident it was reported.
‘Following the event, the INCD launched a thorough investigation which confirmed that there was no breach to our well-secured organizational network,’ said Libi Oz, a spokesperson for INCD.
‘The incident took place on a private computer, disconnected and isolated from the organization’s network, ensuring a clear separation between personal and work-related digital spaces, as required. In addition, there was no sensitive information stored on it,’ the spokesperson added.
INCD said that it ‘routinely applies a multi-layered security framework in the organizational network, which includes multi-factor authentication and other measures, to effectively prevent and minimize the potential impact of such incidents.’
Reference: https://techcrunch.com/2023/08/04/israel-cybersecurity-directorate-no-breach-malware/