Saudi prince allegedly hacked Jeff Bezos using WhatsApp. The founder of a DDoS mitigation firm admits to launching DDoS attacks. TrickBot now steals Windows Active Directory credentials. All this, and more, in this week’s edition of Cybersecurity Weekly.
1. Saudi prince allegedly hacked Jeff Bezos using WhatsApp
Amazon founder Jeff Bezos’ iPhone was reportedly hacked in May 2018 after receiving a WhatsApp message from Saudi Crown Prince Mohammed bin Salman. A large amount of data was exfiltrated from Bezos’ phone within hours after the attack. The exploit involved a zero-day vulnerability in the WhatsApp platform’s video messaging service.
Read more »
2. DDoS mitigation firm founder admits to DDoS
Last week, a Georgia man who co-founded a service designed to protect companies from DDoS attacks pleaded guilty to paying a DDoS-for-hire service to launch attacks against others. His DDoS-protection firm developed the habit of hijacking internet addresses to prevent attacks, but new evidence emerged of him using this technology against innocent organizations.
Read more »
3. TrickBot now steals Windows Active Directory credentials
A new module for the TrickBot trojan targets the Active Directory database stored on compromised Windows domain controllers. To compromise a network, TrickBot will download modules that perform specific behaviors such as stealing cookies, browser information and OpenSSH keys.
Read more »
For more cybersecurity news stories like these, check out the blog »
