News Intelbroker claims they hacked Apple in the same week as AMD

For obvious reasons, verification of the breach would require Apple to patch vulnerabilities and enhance security measures to prevent further damage. The breach, if confirmed, could expose vulnerabilities and compromise Apple's internal operations.

Don't jump to any conclusions, Anton. To clarify:

Contrary to what some sites have been reporting, the leaked data does NOT include internal Apple tools, but instead, contains internal custom integrations to connect Apple proprietary authentication systems to Atlassian Jira and Confluence, for SSO authentication within the Apple corporate network.

So, basically the source code handles the authentication to retail-confluence.apple.com, a Confluence server which is not routable on the public internet.

The origin of the leak remains unknown, with the possibility that it may have originated from either Apple’s internal systems or from cPrime, the external consultancy responsible for developing these plugins.

So to reiterate.

An analysis of the leaked code by the security team at cybersecurity consultancy AHCTS revealed that the released code isn’t actually the source to the internal tools themselves, but rather “proprietary internal plugins and configurations” that are used “to connect Apple proprietary authentication systems to Atlassian Jira and Confluence, for Single Sign On authentication within the Apple corporate network.”

The highly technical analysis by AHCTS concludes that the leak of these custom plugins “poses significant cybersecurity risks,” but no Apple end-user products or services are impacted.

The detailed configurations and sensitive information contained within the code could, AHCTS said, “potentially be exploited by malicious actors.”



View: https://x.com/andrewchenke/status/1803485734944284952
 

Pierce2623

Don't jump to any conclusions, Anton. To clarify:

Contrary to what some sites have been reporting, the leaked data does NOT include internal Apple tools, but instead, contains internal custom integrations to connect Apple proprietary authentication systems to Atlassian Jira and Confluence, for SSO authentication within the Apple corporate network.

So, basically the source code handles the authentication to retail-confluence.apple.com, a Confluence server which is not routable on the public internet.

The origin of the leak remains unknown, with the possibility that it may have originated from either Apple’s internal systems or from cPrime, the external consultancy responsible for developing these plugins.

So to reiterate.

An analysis of the leaked code by the security team at cybersecurity consultancy AHCTS revealed that the released code isn’t actually the source to the internal tools themselves, but rather “proprietary internal plugins and configurations” that are used “to connect Apple proprietary authentication systems to Atlassian Jira and Confluence, for Single Sign On authentication within the Apple corporate network.”

The highly technical analysis by AHCTS concludes that the leak of these custom plugins “poses significant cybersecurity risks,” but no Apple end-user products or services are impacted.

The detailed configurations and sensitive information contained within the code could, AHCTS said, “potentially be exploited by malicious actors.”



View: https://x.com/andrewchenke/status/1803485734944284952
That looks more like proof that Apple was hacked and it was maybe just a less important server.
 

TechyIT223

BTW it is unclear whether Intelbroker is trying to sell the data from AMD and also Apple or not, as it appears to just be up for grabs as is. Since they are high profile hackers.
 

OneMoreUser

Hackers, along with the people that do scams on the internet, need to rot in jail. Especially the latter, who often prey on the elderly or otherwise vulnerable; there is nothing lower than that.
 

TechyIT223

This Intelbroker guy or group is a "Threat Actor" more like IMO. Not a "hacker" group to be clear.

A lot of people get confused by this.
 

Pierce2623

This Intelbroker guy or group is a "Threat Actor" more like IMO. Not a "hacker" group to be clear.

A lot of people get confused by this.
If you go by the definition of a “threat actor” it’s basically the same thing that people use the term hacker for. It’s someone who exploits security vulnerabilities either way.
 
I think both the "threat actor" and "hacker" terms can be used interchangeably, but there is still a difference, sometimes subtle, sometimes not, depending on the context we are dealing with.

It's slightly confusing though. But not all hackers are threat actors or cybercriminals though, IMO.

The term "threat actor" actually still differs from the term “hacker” or “attacker” because, unlike a hacker, a threat actor does not necessarily have any hacking or technical skills.

They are simply an entity with malicious intent compromising an organization’s security. This could mean anything from copying confidential data onto a USB key to physically destroying servers in the data center. It is a broad term that can apply to both insider and external threats.

But as per cybersecurity glossary.

1. "Threat actor is a broad term encompassing an individual, group of individuals, harmful organization (such as nation-state attackers) or others who present cybersecurity threats to governments, private sector companies, and others. Threat actors can include hackers."

2. "Hacker is a broad term that refers to someone who uses technological skills to enter an organization's IT systems without authorization or permission. Hackers can be individuals or groups.

They can be independent actors with malicious intent, state-sponsored individuals working for nations to perpetrate espionage, and more. Hackers can also be non-malicious, in the case of red team groups hired to help organizations uncover security holes, penetration testers, individuals participating in bug bounty programs, and more."


https://www.digitalhands.com/guides/cybersecurity-threat-actors
 

TechyIT223

If you go by the definition of a “threat actor” it’s basically the same thing that people use the term hacker for. It’s someone who exploits security vulnerabilities either way.

Well maybe, but like MM mentioned above, there seems to be a specific difference between the two terms.

I guess hackers are more into hacking stuff as the term implies, and they also have proficient technical skills as well 🤔🧐
 

Pierce2623

Well maybe, but like MM mentioned above there seems to be specific difference between the two terms

I guess hackers are more into hacking stuff as the term implies, and they also have proficient technical skills as well 🤔🧐
Oh there’s definitely a distinction in the actual definitions. My point is that the definition of a “threat actor” is exactly what most everyday non-technical types will think of as a “hacker”. That’s all.
 