Notices by Lorenzo Franceschi-Bicchierai (lorenzofb@infosec.exchange)

NEW: A hacktivist group stole and leaked gigabytes of data from the Texas city of Fort Worth.

Breach does not seem to be very serious. City says data is mostly related to work orders to make repairs.

The group, which goes by SiegedSec, said they did it to protest the ban of gender affirming care.

“Did you hear that? :3 *schlop schlop* Its the sound of gay furries fucking the U.S government~!,” the group wrote in its announcement.

https://techcrunch.com/2023/06/26/hacktivists-steal-government-files-from-texas-city-fort-worth/

NEW: Kaspersky says government hackers broke into the iPhones of several of its employees, using a zero-click exploit delivered via iMessage.

At this point, there's no information on who was behind the attacks.

That being said, also today, the FSB published a statement accusing U.S. intelligence of hacking "thousands" of iPhones in Russia, including of Russian diplomats.

https://techcrunch.com/2023/06/01/kaspersky-says-attackers-hacked-staff-iphones-with-unknown-malware/

NEW: Discord recently implemented OpenAI's ChatGPT technology into Clyde, the company's chatbot.

And...it's not going great. Two people tricked the bot into sharing instructions on how to make napalm and meth.

https://techcrunch.com/2023/04/20/jailbreak-tricks-discords-new-chatbot-into-sharing-napalm-and-meth-instructions/

NEW: Government hackers breached the iPhones of at least five victims (journalists, politicians, NGO worker) using spyware made by QuaDream, according to Microsoft and Citizen Lab.

A source who used to be in the spyware industry tells us QuaDream has indeed set up a company in Cyprus to skirt export regulations.

The source also confirmed some of the customers that have been reported previously (KSA) and others (Mexico etc).

https://techcrunch.com/2023/04/11/quadream-spyware-hacked-iphones-calendar-invites/

NEW: Someone was using spyware made by Barcelona-based offensive cybersecurity firm Variston in the UAE, according to Google.

Here we also reveal publicly for the 1st time that Variston purchased Italian zero-day research firm
Truel in 2018.

The acquisition was first reported by Intelligence Online but their article is behind a paywall so it's flown under the radar.

We have independent confirmation of that and the fact that in 2018 Variston was owned by Ralf Wegener and Ramanan Jayaraman.

https://techcrunch.com/2023/03/29/hackers-variston-spyware-uae-google/

NEW: The new admin of BreachForums announced they are shutting down the site "as I believe we can assume that nothing is safe anymore."

"I hope to bring something back that will rival any other community that can take our place."

https://techcrunch.com/2023/03/21/notorious-hacking-forum-shuts-down-after-administrator-gets-arrested/