Global NetScaler Gateway credential harvesting campaign - attackers were exploiting the vulnerability identified in CVE-2023-3519 to attack unpatched NetScaler Gateways to insert a malicious script into the HTML content of the authentication web page to capture user credentials
digicat
@malwr
Security Intelligence
X-Force uncovers global NetScaler Gateway credential harvesting campaign
IBM X-Force uncovered a campaign where attackers were exploiting the vulnerability identified in CVE-2023-3519 to attack NetScaler Gateways to insert a malicious script into the HTML content of the authentication web page to capture user credentials.
LostTrust Ransomware | Latest Multi-Extortion Threat Shares Traits with SFile and Mindware
digicat
@malwr
SentinelOne
LostTrust Ransomware | Latest Multi-Extortion Threat Shares Traits with SFile and Mindware
Discover the technical overlaps between LostTrust Ransomware, SFile and Mindware in this in-depth analysis of the latest multi-extortion cyber threats.
Leveraging a Hooking Framework to Expand Malware Detection Coverage on the Android Platform
digicat
@malwr
Unit 42
Leveraging a Hooking Framework to Expand Malware Detection Coverage on the Android Platform
We employ static and dynamic analysis to dissect two case studies using obfuscation in Android malware: a Cerberus banking trojan and HiddenAd adware.
LatLoader: PoC module to demonstrate automated lateral movement with the Havoc C2 framework.
digicat
@malwr
GitHub
GitHub - icyguider/LatLoader: PoC module to demonstrate automated lateral movement with the Havoc C2 framework.
PoC module to demonstrate automated lateral movement with the Havoc C2 framework. - icyguider/LatLoader
FASER: Binary Code Similarity Search through the use of Intermediate Representations or Cross-Architecture Function Similarity Search Model
digicat
@malwr
GitHub
GitHub - br0kej/FASER: Cross-Architecture Function Similarity Search Model - https://arxiv.org/abs/2310.03605
Cross-Architecture Function Similarity Search Model - https://arxiv.org/abs/2310.03605 - br0kej/FASER
[RELEASE KsDumper 11 v1.3](https://github.com/mastercodeon314/KsDumper-11)
Mastercodeon314
Updated KsDumper 11 to v1.3.
Now uses KDU v1.3.4, has new Provider selector, did away with the old provider scanner that would cause frequent crashes, updated to .NET Framework 4.8.
Stability of KsDumper 11 should be MUCH better now!
Mastercodeon314
@malwr
GitHub
GitHub - mastercodeon314/KsDumper-11: A revival of the classic and legendary KsDumper
A revival of the classic and legendary KsDumper. Contribute to mastercodeon314/KsDumper-11 development by creating an account on GitHub.
Predator Files: Technical deep-dive into Intellexa Alliance's surveillance products
yzoug
@malwr
Amnesty International Security Lab
Predator Files: Technical deep-dive into Intellexa Alliance's surveillance products - Amnesty International Security Lab
An exposé of the Intellexa Alliance's surveillance capabilities, including advanced spyware, mass surveillance platforms, and tactical systems for targeting and intercepting nearby devices.
Digital Defense Report 2023 - in the fourth annual edition of the report we share actionable steps and valuable insights from what we're seeing for the reporting period from July 2022 through June 2023.
digicat
@malwr
Microsoft
Microsoft Digital Defense Report 2023 (MDDR)
Read the Microsoft Digital Defense Report 2023 to gain the latest cybersecurity insights into the digital threat landscape and learn how you can empower your organization's digital defense
R2R stomping – are you ready to run?
https://research.checkpoint.com/2023/r2r-stomping-are-you-ready-to-run/
@malwr
Check Point Research
R2R stomping – are you ready to run? - Check Point Research
Research by: Jiri Vinopal Highlights Abstract What if we told you that the reality you perceive with your very own eyes is not always what it seems? That the .NET code you witness executing within your beloved managed debugger, such as dnSpy/dnSpyEx, may…
9th October – Threat Intelligence Report
https://research.checkpoint.com/2023/9th-october-threat-intelligence-report/
@malwr
Check Point Research
9th October – Threat Intelligence Report - Check Point Research
For the latest discoveries in cyber research for the week of 9th October, please download our Threat_Intelligence Bulletin. TOP ATTACKS AND BREACHES The American Rock County Public Health Department, which serves more than 160K people across Wisconsin area…
Electric Power System Cybersecurity Vulnerabilities
Digitalization has changed the business environment of the electric power industry, exposing it to various threats. This webinar will help you uncover previously unnoticed threats and develop countermeasures and solutions.
https://www.trendmicro.com/en_us/research/23/j/electric-power-system-cybersecurity-vulnerabilities.html
@malwr
Trend Micro
Electric Power System Cybersecurity Vulnerabilities
Learn about cybersecurity vulnerabilities in electric power systems by watching this recent webinar.
2023-10-04 - DarkGate malware infection
https://www.malware-traffic-analysis.net/2023/10/04/index.html
@malwr
Microsoft Response to Distributed Denial of Service (DDoS) Attacks against HTTP/2
Summary Beginning in September 2023, Microsoft was notified by industry partners about a newly identified Distributed Denial-of-Service (DDoS) attack technique being used in the wild targeting HTTP/2 protocol. This vulnerability (CVE-2023-44487) impacts any internet exposed HTTP/2 endpoints. As an industry leader, Microsoft promptly opened an investigation and subsequently began working with industry partners for a coordinated disclosure and mitigation plan.
https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/
@malwr