Banking Trojan Techniques: How Financially Motivated Malware Became Infrastructure
digicat
@malwr
Unit 42
Banking Trojan Techniques: How Financially Motivated Malware Became Infrastructure
Understanding banking Trojan techniques can help detect other activities of financially motivated threat groups.
Cybersecurity expert analysis about security vulnerabilities that alter exposed NGINX config files
cheeztoshobo
@malwr
Criminal IP
Knowledge Hub | Criminal IP
The Knowledge Hub for Criminal IP users, featuring case studies, webinars, white papers, and videos. Explore and utilize the materials you need.
Checkmk: Remote Code Execution by Chaining Multiple Bugs (1/3)
monoimpact
Nice chaining. And I've now a headache after reading it.
hinterzimmer
@malwr
Sonarsource
Checkmk: Remote Code Execution by Chaining Multiple Bugs (1/3)
We discovered multiple vulnerabilities in Checkmk, which can be chained together by an unauthenticated, remote attacker to fully take over a vulnerable server.
RomCom Threat Actor Abuses KeePass and SolarWinds to Target Ukraine and Potentially the United Kingdom
digicat
@malwr
BlackBerry
RomCom Threat Actor Abuses KeePass and SolarWinds to Target Ukraine and Potentially the United Kingdom
The threat actor known as RomCom is actively deploying new campaigns aimed at victims in Ukraine and English-speaking regions. The BlackBerry Threat Research and Intelligence Team discovered new campaigns that spoof popular brand-name software packages. The…
Dozens More PyPI Packages Attempting to Deliver W4SP Stealer in Ongoing Supply-Chain Attack
digicat
@malwr
Phylum Research | Software Supply Chain Security
Phylum Discovers Dozens More PyPI Packages Attempting to Deliver W4SP Stealer in Ongoing Supply-Chain Attack
Last week, our automated risk detection platform alerted us to suspicious activity in dozens of newly published PyPI packages. Here's what we uncovered.
U.S. Attorney Announces Historic $3.36 Billion Cryptocurrency Seizure And Conviction In Connection With Silk Road Dark Web Fraud | USAO-SDNY
digicat
>today remains the Department's second largest financial seizure ever
What's the biggest?
RamblinWreckGT
Wait...
He technically did nothing wrong. He stole from scumbags. Just because it's tainted doesn't mean he should go to jail. Holy shit.
asecuredlife
Infinite money glitch irl:
- Create anonymous account on darknet market
- Exploit race condition to steal bitcoin (You could double spend if you do it fast)
- Quickly transfer bitcoin through a chain of addresses to hide source.
- Wait for hard fork to double your money
- ~~Make stupid opsec fails that lead to you getting caught~~
- Profit.
NullVoidPointer
@malwr
www.justice.gov
U.S. Attorney Announces Historic $3.36 Billion Cryptocurrency Seizure
Create Emergency Access Accounts for AAD and Use Log Analytics to Monitor Sign-ins from them
digicat
@malwr
TECHCOMMUNITY.MICROSOFT.COM
Create Emergency Access Accounts for Azure AD and Use Log Analytics to Monitor Sign-ins from Them
As part of your cloud BCDR processes, make sure you have a solid emergency accounts process and automation watching for sign-in attempts from those emergency..