ποΈ 4 FIN9-linked Vietnamese Hackers Indicted in $71M U.S. Cybercrime Spree ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Four Vietnamese nationals with ties to the FIN9 cybercrime group have been indicted in the U.S. for their involvement in a series of computer intrusions that caused over 71 million in losses to companies. The defendants, Ta Van Tai aka Quynh Hoa and Bich Thuy, Nguyen Viet Quoc aka Tien Nguyen, Nguyen Trang Xuyen, and Nguyen Van Truong aka Chung Nguyen, have been accused of conducting.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Multiple WordPress Plugins Compromised: Hackers Create Rogue Admin Accounts ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Multiple WordPress plugins have been backdoored to inject malicious code that makes it possible to create rogue administrator accounts with the aim of performing arbitrary actions. "The injected malware attempts to create a new administrative user account and then sends those details back to the attackercontrolled server," Wordfence security researcher Chloe Chamberland said in a Monday alert.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Google Introduces Project Naptime for AI-Powered Vulnerability Research ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Google has developed a new framework called Project Naptime that it says enables a large language model LLM to carry out vulnerability research with an aim to improve automated discovery approaches. "The Naptime architecture is centered around the interaction between an AI agent and a target codebase," Google Project Zero researchers Sergei Glazunov and Mark Brand said. "The agent is provided.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Critical RCE Vulnerability Discovered in Ollama AI Infrastructure Tool ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have detailed a nowpatched security flaw affecting the Ollama opensource artificial intelligence AI infrastructure platform that could be exploited to achieve remote code execution. Tracked as CVE202437032, the vulnerability has been codenamed Probllama by cloud security firm Wiz. Following responsible disclosure on May 5, 2024, the issue was addressed in version.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Ease the Burden with AI-Driven Threat Intelligence Reporting ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgills threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk. Cybersecurity professionals are facing unprecedented challenges as they strive to manage increasing workloads.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ RedJuliett Cyber Espionage Campaign Hits 75 Taiwanese Organizations ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A likely Chinalinked statesponsored threat actor has been linked to a cyber espionage campaign targeting government, academic, technology, and diplomatic organizations in Taiwan between November 2023 and April 2024. Recorded Future's Insikt Group is tracking the activity under the name RedJuliett, describing it as a cluster that operates from Fuzhou, China, to support Beijing's intelligence.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Multiple Threat Actors Deploying Open-Source Rafel RAT to Target Android Devices ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Multiple threat actors, including cyber espionage groups, are employing an opensource Android remote administration tool called Rafel RAT to meet their operational objectives by masquerading it as Instagram, WhatsApp, and various ecommerce and antivirus apps. "It provides malicious actors with a powerful toolkit for remote administration and control, enabling a range of malicious activities.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Fake Law Firms Con Victims of Crypto Scams, Warns FBI π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The FBI has urged cryptocurrency scam victims to be on the alert for fraudsters posing as lawyers.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Fake Law Firms Con Victims of Crypto Scams, Warns FBI
The FBI has urged cryptocurrency scam victims to be on the alert for fraudsters posing as lawyers
π New Medusa Trojan Variant Emerges with Enhanced Stealth Features π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Cleafy identified five different botnets operated by affiliates, each targeting different geographical areas.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
New Medusa Trojan Variant Emerges with Enhanced Stealth Features
Cleafy identified five different botnets operated by affiliates, each targeting different geographical areas
π Dark Web Sees 230% Rise in Singapore Identity Theft π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
According to Resecurity, a significant portion of the stolen data was found on the XSS underground forum.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Dark Web Sees 230% Rise in Singapore Identity Theft
According to Resecurity, a significant portion of the stolen data was found on the XSS underground forum
π Cloud Breaches Impact Nearly Half of Organizations π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A Thales report found that 44 of organizations have experienced a cloud data breach, with human error and misconfigurations the leading root causes.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Cloud Breaches Impact Nearly Half of Organizations
A Thales report found that 44% of organizations have experienced a cloud data breach, with human error and misconfigurations the leading root causes
π Google's Naptime Framework to Boost Vulnerability Research with AI π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The framework aims to improve automated vulnerability discovery approaches.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Google's Naptime Framework to Boost Vulnerability Research with AI
The framework aims to improve automated vulnerability discovery approaches
π Suspected North Korean Attack Drains $2m from CoinStats Wallets π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
CoinStats has revealed a likely statesponsored attack impacting over 1500 users.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Suspected North Korean Attack Drains $2m from CoinStats Wallets
CoinStats has revealed a likely state-sponsored attack impacting over 1500 users
π Credential Stuffing Attack Hits 72,000 Leviβs Accounts π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Levis reveals major credential stuffing attack impacting over 72,000 customer accounts.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Credential Stuffing Attack Hits 72,000 Leviβs Accounts
Leviβs reveals major credential stuffing attack impacting over 72,000 customer accounts
π Modular Malware Boolkaβs BMANAGER Trojan Exposed π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The group has been observed exploiting vulnerabilities through SQL injection attacks since 2022.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Modular Malware Boolkaβs BMANAGER Trojan Exposed
The group has been observed exploiting vulnerabilities through SQL injection attacks since 2022
π Android Users Warned of Rising Malware Threat From Rafel RAT π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
An earlier publication by Check Point Research had already linked Rafel to the APTC35DoNot Team.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Android Users Warned of Rising Malware Threat From Rafel RAT
An earlier publication by Check Point Research had already linked Rafel to the APT-C-35/DoNot Team
π China-Based RedJuliett Targets Taiwan in Cyber Espionage Campaign π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The likely Chinese statesponsored group ran espionage campaigns against Taiwans government, academia and diplomacy from Fuzhou, China.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
China-Based RedJuliett Targets Taiwan in Cyber Espionage Campaign
The likely Chinese state-sponsored group ran espionage campaigns against Taiwanβs government, academia and diplomacy from Fuzhou, China
π Polish Prosecutors Step Up Probe into Pegasus Spyware Operation π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Polish prosecutors investigating a massive political spying operation have seized Pegasus from a government agency.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Polish Prosecutors Step Up Probe into Pegasus Spyware Operation
Polish prosecutors investigating a massive political spying operation have seized Pegasus from a government agency
π Sellafield Pleads Guilty to Historic Cybersecurity Offenses π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
UKs most hazardous nuclear site, Sellafield, has admitted criminal charges related to IT security failings.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Sellafield Pleads Guilty to Historic Cybersecurity Offenses
UKβs most hazardous nuclear site, Sellafield, has admitted criminal charges related to IT security failings
π Building a Strong SOC Team: Best Practices and Strategies π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
Introduction The escalating frequency and sophistication of cyberattacks have made it critical for organizations to build robust SOC teams. A wellstructured SOC team acts as the first line of defense, continuously monitoring and responding to potential security incidents to minimize the impact of cyber attacks. As we reflect on our years of experience building and The post Building a Strong SOC Team Best Practices and Strategies appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
Building a Strong SOC Team: Best Practices and Strategies
Learn how to build a strong SOC team with UnderDefense. Discover the essential roles, best practices, and strategies for assembling a robust SOC team.
π¦
UAC-0184 Abuses Python in DLL Sideloading for XWORM Distribution π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Key Takeaways Cyble Research and Intelligence Labs CRIL recently came across a malware campaign involving a malicious lnk file associated with the UAC0184 threat actor group. Previously, UAC0184 targeted Ukrainian entities in Finland, utilizing the Remcos RAT in their operations. In their latest campaign, there are signs suggesting the group may be focusing on Ukraine, using disguised lure documents to distribute the XWorm RAT. When the LNK shortcut file is executed, it triggers a PowerShell script that downloads a ZIP file containing both legitimate and malicious Python components, including an encrypted payload. The current attack employs DLL sideloading and Shadowloader to execute the XWorm RAT as the final payload. Ultimately, the XWorm RAT malware attempts to c...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
UAC-0184: Python DLL Sideloading For XWORM
Explore UAC-0184's malware campaign targeting Ukraine with XWORM RAT, utilizing DLL sideloading and Python for remote access.