Jessica Beffa

@jessicabeffa@infosec.exchange
Dog, cat and kid mom. Head of NA Public Relations @ESET @ESETresearch ♥ cybersecurity, hiking, traveling and swimming with turtles.

NEW: Iran's government has now admitted that it took down the internet in the country, arguing that it did so to protect against Israeli cyberattacks.

I spoke to two Iranians who live abroad and can't communicate with their loved ones back home because of the blackout.

"I haven’t heard from them in two days, but someone is supposed to update me. I hope everything is okay," Amir Rashidi told me.

https://techcrunch.com/2025/06/20/irans-government-says-it-shut-down-internet-to-protect-against-cyberattacks/

Iran's government says it shut down internet to protect against cyberattacks | TechCrunch

The government cited the recent hacks on Bank Sepah and cryptocurrency exchange Nobitex as reasons to shut down internet access to virtually all Iranians.

TechCrunch

Less than two months until #DEFCON33! Time to start planning to make the most of your #DEFCON experience.

One of the best parts of DC is meeting other humans and bonding over shared interests. On the Parties, Meetups and Events page you’ll find a shockingly comprehensive list of group hangs. Whether you’re into Running or Ham Radio, Blanket Forts or Karaoke, we’ve got you covered.

Set aside some time for fun and connection. Your people are waiting.

https://defcon.org/html/defcon-33/dc-33-pmne.html#nav

#defconparties #defconevents #defconmeetups

DEF CON® Hacking Conference - Events, Parties, & Meetups

DEF CON 33 Events, Parties, & Meetups

I have to admit I'm surprised to learn that apparently Victoria's actual Secret is... a skilled infosec response team?

I'm genuinely curious about how they run their shop, and this incident, that let them respond to this much more quickly and effectively than many other and seemingly more critical-role organizations.

https://www.bleepingcomputer.com/news/security/victorias-secret-restores-critical-systems-after-cyberattack/

Victoria’s Secret restores critical systems after cyberattack

Victoria's Secret has restored all critical systems impacted by a May 24 security incident that forced it to shut down corporate systems and the e-commerce website.

BleepingComputer

New today: @ESETresearch analyzed a #cyberespionage campaign conducted by BladedFeline, an Iran-aligned #APT group with likely ties to OilRig 🔎

https://www.welivesecurity.com/en/eset-research/bladedfeline-whispering-dark/

BladedFeline: Whispering in the dark

ESET researchers analyzed a cyberespionage campaign conducted by BladedFeline, an Iran-aligned APT group with likely ties to OilRig.

More 📰! @ESETresearch participated in global disruption of notorious infostealer #Danabot by the US DOJ, DOD and FBI, and others. Since 2018, @ESET Research has tracked the evolution of this powerful malware-as-a-service operation. 🔎💻

More👀: https://www.welivesecurity.com/en/eset-research/danabot-analyzing-fallen-empire/

Danabot: Analyzing a fallen empire

ESET Research shares its findings on the workings of Danabot, an infostealer recently disrupted in a multinational law enforcement operation.

@ESETresearch supports global disruption of Lumma Stealer - one of the most prevalent infostealers. 🕵‍♀️ The operation targeted Lumma Stealer infrastructure making the botnet, in large part, inoperative.

@ESET Rocks. #ProgressProtected Check out www.welivesecurity.com/en/eset-rese... to learn more 🤩

#ESETresearch publishes its investigation of Operation RoundPress, which uses XSS vulnerabilities to target high-value webmail servers. We attribute the operation to Sednit with medium confidence. https://www.welivesecurity.com/en/eset-research/operation-roundpress/

In 2023, Operation RoundPress only targeted Roundcube, but in 2024 it expanded to other webmail software including Horde, MDaemon, and Zimbra. For MDaemon, Sednit exploited the zero-day XSS vulnerability CVE-2024-11182.

Most victims were governmental entities and defense companies in Eastern Europe, although we have observed governments in Africa, Europe, and South America being targeted as well.

Our blogpost provides an analysis of the JavaScript payloads, which we named SpyPress. They are able to steal webmail credentials, and exfiltrate contacts and email messages from the victim’s mailbox. IoCs available in our GitHub repo: https://github.com/eset/malware-ioc/tree/master/operation_roundpress 5/5

Operation RoundPress targeting high-value webmail servers

ESET researchers uncover a Russia-aligned espionage operation that they named RoundPress and that targets webmail servers via XSS vulnerabilities.

Ford seeks patent for tech that listens to driver conversations to serve ads
L: https://therecord.media/ford-patent-application-in-vehicle-listening-advertising
C: https://news.ycombinator.com/item?id=41501630
posted on 2024.09.10 at 11:17:06 (c=0, p=7)

A Ford Motor Company patent application filed in February and published last month proposes software that would monitor in-car conversations and other data to help serve up advertisements.

No, Okta, senior management, not an errant employee, caused you to get hacked

If a transgression by a single employee breaches your network, you're doing it wrong.

https://arstechnica.com/information-technology/2023/11/no-okta-senior-management-not-an-errant-employee-caused-you-to-get-hacked/

Ars Technica