U.S. Federal Agencies and other countries release advisory that Russian Foreign Intelligence Service (SVR) is exploiting vulnerability in Jetbrains TeamCity globally

According to CISA, FBI, NSA, Polish Military Counterintelligence, CERT Polska, and UK’s National Cyber Security Centre, Russian actors known by names including APT 29 are and have been exploiting servers hosting JetBrains TeamCity software since at least September, 2023. This software is used for software compilations, including building, testing and releasing software. The potential impact is pretty large, including supply chain operations (think Solarwinds). The article details IOCs

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-347a

Click to access aa23-347a-russian-foreign-intelligence-service-svr-exploiting-jetbrains-teamcity-cve-globally_0.pdf

Joint advisory

https://nvd.nist.gov/vuln/detail/cve-2023-42793

GitHub complies with Twitter’s Digital Millennium Copyright Act notification and removes leaked Twitter source code. As Twitter, searches for the leaker, insists on logging data preservation for “all identifying information”

https://www.bleepingcomputer.com/news/security/twitter-takes-down-source-code-leaked-online-hunts-for-downloaders/

https://github.com/github/dmca/blob/master/2023/03/2023-03-24-twitter.md

Former Twitter employee found guilty for spying on behalf of Saudi Arabia

https://thehackernews.com/2022/12/ex-twitter-employee-gets-35-years-jail.html

New York Post Update: Looks like it was a (now former) New York Post employee

https://variety.com/2022/digital/news/new-york-post-twitter-account-hack-racist-violent-messages-1235415797/

FBI warns about the potential for Cyber Activities during the 2022 Beijing Winter Olympics and Paralympics

https://www.cisa.gov/uscert/ncas/current-activity/2022/02/01/fbi-releases-pin-potential-cyber-activities-during-2022-beijing

Don’t download software from untrusted sources. Googling for software can often have bad outcomes

https://www.bleepingcomputer.com/news/security/malicious-notepad-plus-plus-installers-push-strongpity-malware/

FCC just about pulls the plug on China Telcom over US National security concerns

https://therecord.media/fcc-revokes-license-for-china-telecom-americas-amid-national-security-concerns/

Pakistani man bribed AT&T call center employees to install malware and unlocked almost 2 million phones, gets 12 years in prison

https://therecord.media/man-who-bribed-att-employees-to-install-malware-on-the-companys-network-gets-12-years-in-prison/

Former Credit Union employee that deleted 21 GB of data pleaded guilty

https://www.bleepingcomputer.com/news/security/fired-ny-credit-union-employee-nukes-21gb-of-data-in-revenge/

Another Local Privilege Escalation vulnerability: SteelSeries (and probably not the last)

https://www.bleepingcomputer.com/news/security/steelseries-bug-gives-windows-10-admin-rights-by-plugging-in-a-device/

Between Razer and now SteelSeries, these opened a can of worms for new Zero-Day vulnerabilities. Expect more.