π Red Teaming Tool Abused for Malware Deployment π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Cisco Talos has assessed that red teaming tool MacroPack is being abused by various threat actors in different geographies to deploy malware.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Red Teaming Tool Abused for Malware Deployment
Cisco Talos has assessed that red teaming tool MacroPack is being abused by various threat actors in different geographies to deploy malware
ποΈ Hackers Hijack 22,000 Removed PyPI Packages, Spreading Malicious Code to Developers ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A new supply chain attack technique targeting the Python Package Index PyPI registry has been exploited in the wild in an attempt to infiltrate downstream organizations. It has been codenamed Revival Hijack by software supply chain security firm JFrog, which said the attack method could be used to hijack 22,000 existing PyPI packages and result in "hundreds of thousands" of malicious package.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
π’ Mac management for beginners π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Get the most out of your Apple technology investment.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Mac management for beginners
Get the most out of your Apple technology investment
π¦
The Intricate Babylon RAT Campaign Targets Malaysian Politicians, Government π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Key takeaways Cyble Research and Intelligence Lab CRIL has identified a highly targeted cyberattack aimed at political figures and government officials, in Malaysia. The attack showcases the advanced tactics employed by Threat Actor TA in targeting highprofile individuals and institutions. The campaign active since July, has employed at least three distinct malicious ISO files specifically designed to compromise Malaysian entities. The malicious ISO files contain multiple components, including a shortcut LNK file, a hidden PowerShell script, a malicious executable, and a decoy PDF file. The campaign delivers Babylon RAT as a final payload. Babylon RAT, an opensource Remote Access Trojan RAT, provides unauthorized access to the victims machine. It allows the TA to...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Babylon RAT Campaign Targets Malaysian Politicians
"Explore Cyble's insights on the Babylon RAT campaign targeting Malaysian politicians and government officials through malicious ISO files.
π€1
π΅οΈββοΈ How CISOs Can Effectively Communicate Cyber-Risk π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
A proximity resilience graph offers a more accurate representation of risk than heat maps and risk registers, and allows CISOs to tell a complex story in a single visualization.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
How CISOs Can Effectively Communicate Cyber-Risk
A proximity resilience graph offers a more accurate representation of risk than heat maps and risk registers, and allows CISOs to tell a complex story in a single visualization.
ποΈ Google Confirms CVE-2024-32896 Exploited in the Wild, Releases Android Security Patch ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Google has released its monthly security updates for the Android operating system to address a known security flaw that it said has come under active exploitation in the wild. The highseverity vulnerability, tracked as CVE202432896 CVSS score 7.8, relates to a case of privilege escalation in the Android Framework component. According to the description of the bug in the NIST National.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π North Korea Targeting Crypto Industry, Says FBI π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
US law enforcement is tracking aggressive social engineering attacks against cryptocurrency operations.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
North Korea Targeting Crypto Industry, Says FBI
US law enforcement is tracking aggressive social engineering attacks against cryptocurrency operations
π Zeek 6.0.6 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyberinfrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and openscience communities. This is the source code release.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π OpenSSL Toolkit 3.3.2 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with fullstrength cryptography worldwide.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π OpenSSL Toolkit 3.2.3 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with fullstrength cryptography worldwide.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π OpenSSL Toolkit 3.1.7 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with fullstrength cryptography worldwide.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π OpenSSL Toolkit 3.0.15 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with fullstrength cryptography worldwide.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π§ Getting βIn Tuneβ with an Enterprise: Detecting Intune Lateral Movement π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Organizations continue to implement cloudbased services, a shift that has led to the wider adoption of hybrid identity environments that connect onpremises Active Directory with Microsoft Entra ID formerly Azure AD. To manage devices in these hybrid identity environments, Microsoft Intune Intune has emerged as one of the most popular device management solutions. Since this The post Getting In Tune with an Enterprise Detecting Intune Lateral Movement appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
Getting βIn Tuneβ with an Enterprise: Detecting Intune Lateral Movement
With so many different devices being used in the office, more businesses are relying on hybrid identity environments that need simple management. One solution has emerged as one of the most popular device management solutions today.
ποΈ North Korean Hackers Targets Job Seekers with Fake FreeConference App ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
North Korean threat actors have leveraged a fake Windows video conferencing application impersonating FreeConference.com to backdoor developer systems as part of an ongoing financiallydriven campaign dubbed Contagious Interview. The new attack wave, spotted by Singaporean company GroupIB in midAugust 2024, is yet another indication that the activity is also leveraging native installers for.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π US Government Set Out to Improve Internet Routing Security π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The US White House Office of the National Cyber Director proposes improving internet security by protecting the Border Gateway Protocol.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
US Government Set Out to Improve Internet Routing Security
The US White House Office of the National Cyber Director proposes improving internet security by protecting the Border Gateway Protocol
π΅οΈββοΈ FBI: North Korean Actors Readying Aggressive Cyberattack Wave π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Sophisticated social engineering is expected to accompany threat campaigns that are highly targeted and aimed at stealing crypto and deploying malware.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
FBI: North Korean Actors Readying Aggressive Cyberattack Wave
Sophisticated social engineering is expected to accompany threat campaigns that are highly targeted and aimed at stealing crypto and deploying malware.
π΅οΈββοΈ 'Revival Hijack' on PyPI Disguises Malware with Legitimate File Names π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Adversaries reusing abandoned package names sneak malware into organizations in a sort of software shell game.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
'Revival Hijack' on PyPI Disguises Malware With Legit File Names
Adversaries reusing abandoned package names sneak malware into organizations in a sort of software shell game.
π¦Ώ Iran Cyber Attack: Fox Kitten Facilitates Ransomware in US π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Read more about an attack campaign led by Iranbased cyberespionage threat actor Fox Kitten, and learn how to protect your company from this threat.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Iran Cyber Attack: Fox Kitten Facilitates Ransomware in US
Iran-based Fox Kitten targets US organizations, collaborating with ransomware affiliates to exploit vulnerabilities and extort victims.
π΅οΈββοΈ Indian Army Propaganda Spread by 1.4K AI-Powered Social Media Accounts π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
For three years now, more than a thousand social media accounts have been reposting the same proIndia, antiPakistan content on Facebook and X.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Indian Army Propaganda Spread by 1.4K AI-Powered Social Media Accounts
For three years now, more than a thousand social media accounts have been reposting the same pro-India, anti-Pakistan content on Facebook and X.
ποΈ New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The Chinesespeaking threat actor known as Earth Lusca has been observed using a new backdoor dubbed KTLVdoor as part of a cyber attack targeting an unnamed trading company based in China. The previously unreported malware is written in Golang, and thus is a crossplatform weapon capable of targeting both Microsoft Windows and Linux systems. "KTLVdoor is a highly obfuscated malware that.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Cisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cisco has released security updates for two critical security flaws impacting its Smart Licensing Utility that could allow unauthenticated, remote attackers to elevate their privileges or access sensitive information. A brief description of the two vulnerabilities is below CVE202420439 CVSS score 9.8 The presence of an undocumented static user credential for an administrative account.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity