Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services
Via "The Hacker News"
Seen on @cibsecurity
A government entity and a religious organization in Taiwan were the target of a China-linked threat actor known as Evasive Panda that infected them with a previously undocumented post-compromise toolset codenamed CloudScout. "The CloudScout toolset is capable of retrieving data from various cloud services by leveraging stolen web session cookies," ESET security researcher Anh Ho said. "Through.
----------
THN Cybersecurity Recap: Top Threats, Tools and News (Oct 21 - Oct 27)
Via "The Hacker News"
Cybersecurity news can sometimes feel like a never-ending horror movie, can't it? Just when you think the villains are locked up, a new threat emerges from the shadows. This week is no exception, with tales of exploited flaws, international espionage, and AI shenanigans that could make your head spin. But don't worry, we're here to break it all down in plain English and arm you with the.
----------
Russian Espionage Group Targets Ukrainian Military with Malware via Telegram
Via "The Hacker News"
A suspected Russian hybrid espionage and influence operation has been observed delivering a mix of Windows and Android malware to target the Ukrainian military under the Telegram persona Civil Defense. Google's Threat Analysis Group (TAG) and Mandiant are tracking the activity under the name UNC5812. The threat group, which operates a Telegram channel named civildefensecomua, was created on.
----------
BeaverTail Malware Resurfaces in Malicious npm Packages Targeting Developers
Via "The Hacker News"
Three malicious packages published to the npm registry in September 2024 have been found to contain a known malware called BeaverTail, a JavaScript downloader and information stealer linked to an ongoing North Korean campaign tracked as Contagious Interview. The Datadog Security Research team is monitoring the activity under the name Tenacious Pungsan, which is also known by the monikers.
----------
Evasive Panda's CloudScout Toolset Targets Taiwan
Via "Infosecurity Magazine"
Evasive Panda's CloudScout uses MgBot to steal session cookies, infiltrating and extracting cloud data from Taiwanese institutions.
----------
New Type of Job Scam Targets Financially Vulnerable Populations
Via "Infosecurity Magazine"
The surge in job scams targets vulnerable individuals, mirroring pig butchering fraud tactics.
----------
Russian Malware Campaign Targets Ukrainian Recruits Via Telegram
Via "Infosecurity Magazine"
Google researchers have observed Russian threat actor UNC5812 using a malware campaign via Telegram to access the devices of Ukrainian military recruits.
----------
U.S. Agencies Investigate China-Linked Telecom Hacks Targeting High-Profile Politicians
Via "CYBLE"
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have launched an investigation into a series of cyber intrusions linked to hackers believed to be affiliated with Chinese state-linked threat actors. This investigation follows reports that the phone communications of prominent U.S. political figures, including former President Donald Trump, Vice President Kamala Harris's campaign team, and vice-presidential candidate JD Vance, have been targeted in a sweeping cyberespionage effort.
Allegations of Unauthorized Access by Chinese State Linked Threat Actors
The FBI and CISA issued a statement confirming their investigation into unauthorized access to commercial telecommunications infrastructure perpetrated by actors associated with the People's Republic of Ch...
----------
New Vulnerabilities Identified in Philips Smart Lighting and Matrix Door Controller
Via "CYBLE"
Overview
The Indian Computer Emergency Response Team (CERT-In) has issued two critical vulnerability advisories related to Philips Smart Lighting products and the Matrix Door Controller. Both vulnerabilities are classified as high severity, signaling significant risks for users that cannot be ignored. If left unaddressed, these vulnerabilities could lead to serious repercussions, including unauthorized access to sensitive information and potential data breaches. The implications of these vulnerabilities extend beyond mere inconvenience; they threaten the security and integrity of users' home networks and connected devices. Affected users must take immediate action to protect their systems and ensure they are not exposed to potential exploitation. By staying informed and implementi...
----------
Sophos-SecureWorks Deal Focuses on Building Advanced MDR, XDR Platform
Via "Dark Reading"
Sophos CEO Joe Levy says $859 million deal to acquire SecureWorks from majority owner Dell Technologies will put the Taegis platform, with network detection and response, vulnerability detection and response, and identity threat detection and response capabilities, at the core.
----------
Windows 'Downdate' Attack Reverts Patched PCs to a Vulnerable State
Via "Dark Reading"
Windows 11 machines remain open to downgrade attacks, where attackers can abuse the Windows Update process to revive a patched driver signature enforcement (DSE) bypass.
----------
China's Elite Cyber Corps Hone Skills on Virtual Battlefields
Via "Dark Reading"
The nation leads in the number of capture-the-flag tournaments sponsored by government and industry, a strategy from which Western nations could learn.
----------
Delta Launches $500M Lawsuit Against CrowdStrike
Via "Dark Reading"
Delta argues that it lost hundreds of millions of dollars in downtime and other costs in the aftermath of the incident, while CrowdStrike says it isn't liable for more than $10 million.
----------
Russia Kneecaps Ukraine Army Recruitment With Spoofed 'Civil Defense' App
Via "Dark Reading"
Posing as an application used to locate Ukrainian military recruiters, a Kremlin-backed hacking initiative delivers malware, along with disinformation designed to undermine sign-ups for soldiers in the war against Russia.
----------
Mozilla: ChatGPT Can Be Manipulated Using Hex Code
Via "Dark Reading"
LLMs tend to miss the forest for the trees, understanding specific instructions but not their broader context. Bad actors can take advantage of this myopia to get them to do malicious things, with a new prompt-injection technique.
----------
Tony Fadell: Innovating to save our planet | Starmus highlights
Via "ESET - WeLiveSecurity"
As methane emissions come under heightened global scrutiny, learn how a state-of-the-art satellite can pinpoint their sources and deliver the insights needed for targeted mitigation efforts.
----------
CloudScout: Evasive Panda scouting cloud services
Via "ESET - WeLiveSecurity"
ESET researchers discovered a previously undocumented toolset used by Evasive Panda to access and retrieve data from cloud services.
----------
Staff Stories Spotlight Series: Cybersecurity Awareness Month 2024
Via "NIST"
This blog is part of a larger NIST series during the month of October for Cybersecurity Awareness Month, called 'Staff Stories Spotlight.' Throughout the month of October this year, Q&A style blogs will be published featuring some of our unique staff members who have interesting backgrounds, stories to tell, and projects in the world of cybersecurity. This year's Cybersecurity Awareness Month theme is Secure our World. How does this theme resonate with you, as someone working in cybersecurity? This theme resonates strongly with me. I am very fortunate to have the role of leading and.
----------
U.S. Government Issues New TLP Guidance for Cross-Sector Threat Intelligence Sharing
Via "The Hacker News"
The U.S. government (USG) has issued new guidance governing the use of the Traffic Light Protocol (TLP) to handle the threat intelligence information shared between the private sector, individual researchers, and Federal Departments and Agencies. "The USG follows TLP markings on cybersecurity information voluntarily shared by an individual, company, or other any organization, when not in.
----------
New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors
Via "The Hacker News"
More than six years after the Spectre security flaw impacting modern CPU processors came to light, new research has found that the latest AMD and Intel processors are still susceptible to speculative execution attacks. The attack, disclosed by ETH Zürich researchers Johannes Wikner and Kaveh Razavi, aims to undermine the Indirect Branch Predictor Barrier (IBPB) on x86 chips, a crucial mitigation.
----------
Apple is offering rewards of up to $1 million to find critical flaws in its private AI cloud systems
Via "ITPro"
Apple is offering big bug bounty rewards to boost security of its Private Cloud Compute.