Operation HamsaUpdate: A Sophisticated Campaign Delivering Wipers Puts Israeli Infrastructure at Risk
On December 19th, the Israel National Cyber Directorate released an urgent alert warning regarding a phishing campaign actively targeting Israeli customers using F5’s network devices. We’ve labeled this campaign Operation HamsaUpdate. It features the deployment of a newly developed wiper malware that targets both Windows and Linux servers. The campaign leverages a convincingly written email...
https://intezer.com/blog/research/stealth-wiper-israeli-infrastructure/
🎖@malwr
Intezer
A sophisticated phishing campaign, with emails written in Hebrew, deploys a new wiper malware affecting Windows and Linux servers.
Doctor Web’s November 2023 review of virus activity on mobile devices
https://news.drweb.com/show/?i=14777&lng=en&c=5
🎖@malwr
Dr.Web
Dr.Web — Doctor Web’s November 2023 review of virus activity on mobile devices
Find out on Doctor Web’s site about the latest virus threats and information security issues.
Annual Payment Fraud Intelligence Report: 2023
2023's payment fraud trends predict a persistent underground market and evolving sophisticated cyber-fraud threats in 2024.
https://www.recordedfuture.com/annual-payment-fraud-intelligence-report-2023
🎖@malwr
Recordedfuture
Annual Payment Fraud Intelligence Report: 2023 | Recorded Future
Intellexa and Cytrox: From fixer-upper to Intel Agency-grade spyware
Talos revealed that rebooting an iOS or Android device may not remove the Predator spyware produced by Intellexa. Intellexa knows if their customers intend to perform surveillance operations on foreign soil.
https://blog.talosintelligence.com/intellexa-and-cytrox-intel-agency-grade-spyware/
🎖@malwr
Cisco Talos Blog
Advanced Frida Usage Part 6 – Utilising writers
https://8ksec.io/advanced-frida-usage-part-6-utilising-writers/?utm_source=rss&utm_medium=rss&utm_campaign=advanced-frida-usage-part-6-utilising-writers
🎖@malwr
8kSec - 8kSec is a cybersecurity research & training company. We provide high-quality training & consulting services.
Advanced Frida Usage Part 6 – Utilizing writers - 8kSec
Welcome to another blog post in our series on Advanced Frida Usage. Frida supports a number of different writers for different CPU architectures, such as X86Writer for x86 and Arm64Writer for AArch64. In this tutorial, we will cover the Arm64Writer on iOS…
The Rising Threat of Phishing Attacks with Crypto Drainers
https://research.checkpoint.com/2023/the-rising-threat-of-phishing-attacks-with-crypto-drainers/
🎖@malwr
Check Point Research
The Rising Threat of Phishing Attacks with Crypto Drainers - Check Point Research
By Oded Vanunu, Dikla Barda, Roman Zaikin Unmasking Deceptive Tactics: A recent investigation by Check Point Research exposes a troubling trend in the cryptocurrency landscape. The cryptocurrency community has been witnessing an alarming increase in sophisticated…
Stealth Backdoor “Android/Xamalicious” Actively Infecting Devices
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/stealth-backdoor-android-xamalicious-actively-infecting-devices/
🎖@malwr
McAfee Blog
Stealth Backdoor “Android/Xamalicious” Actively Infecting Devices | McAfee Blog
Authored by Fernando Ruiz McAfee Mobile Research Team identified an Android backdoor implemented with Xamarin, an open-source framework that allows
Ransomware’s Christmas Carol
Around mid-year, Lab52 published a report on ransomware that included both geopolitical and cyber intelligence content. The report includes the analysis of different sources of information and showcases some of our cyberintelligence findings in this regard. However, the activity of this type of malware prompts Lab52 to closely track the various recorded cases. Therefore, taking...
https://lab52.io/blog/ransomware-2023/
🎖@malwr
lab52.io
2023-12-29 - GootLoader infection
https://www.malware-traffic-analysis.net/2023/12/29/index.html
🎖@malwr
Technical Advisory – Multiple Vulnerabilities in PandoraFMS Enterprise
https://research.nccgroup.com/2024/01/02/technical-advisory-multiple-vulnerabilities-in-pandorafms-enterprise/
🎖@malwr
Hunting for Cobalt Strike in PCAP
In this video I analyze a pcap file from Triage with network traffic from Cobalt Strike Beacon using CapLoader. The pcap file and Cobalt Strike malware config can be downloaded from Recorded Future's Triage sandbox. Cobalt Strike Beacon configs can also be...
https://www.netresec.com/?page=Blog&month=2024-01&post=Hunting-for-Cobalt-Strike-in-PCAP
🎖@malwr
Netresec
In this video I analyze a pcap file with network traffic from Cobalt Strike Beacon using CapLoader. The pcap file and Cobalt Strike malware config can be downloaded from Recorded Future's Triage sandbox. Cobalt Strike Beacon configs can also be extracted locally…
The Artemis security scanner
Artemis is an open-source security vulnerability scanner developed by CERT PL. It is built to look for website misconfigurations and vulnerabilities on a large number of sites. It automatically prepares reports that can be sent to the affected institutions. Thanks to its modular architecture, it can be used to combine the results of various other tools in a single dashboard.
https://cert.pl/en/posts/2024/01/artemis-security-scanner/
🎖@malwr
cert.pl
Private Eyes: China’s Embrace of Open-Source Military Intelligence
Using advanced technology, the People's Liberation Army (PLA) leverages open-source intelligence (OSINT) for military advantage.
https://www.recordedfuture.com/blog/private-eyes-chinas-embrace-open-source-military-intelligence
🎖@malwr
North Korea’s Cyber Strategy
Insikt Group analysis reveals that North Korea uses a cyber strategy centered around aggressive data collection and financial theft to primarily target Asia.
https://www.recordedfuture.com/blog/north-koreas-cyber-strategy
🎖@malwr
The Escalating Global Risk Environment for Submarine Cables
Explore the rising global risks to submarine cables from geopolitical tension, cyber threats, and expanding tech giant ownership.
https://www.recordedfuture.com/blog/escalating-global-risk-environment-submarine-cables
🎖@malwr
Hamas Application Infrastructure Reveals Possible Overlap With TAG-63 and Iranian Threat Activity
Insikt Group identified an application disseminated on a Telegram Channel used by members or supporters of the Hamas terrorist organization
https://www.recordedfuture.com/blog/hamas-application-infrastructure-reveals-possible-overlap-tag-63-iranian-threat-activity
🎖@malwr
Recordedfuture
Hamas Application Infrastructure Reveals Possible Overlap With TAG-63 and Iranian Threat Activity | Recorded Future
Putin’s Potential Successors Part 2: Aleksey Dyumin
Explore Aleksey Dyumin, potential successor to Putin as Russian president, including his political strengths, weaknesses, and implications for Russia's future.
https://www.recordedfuture.com/blog/putins-potential-successors-part-2-aleksey-dyumin
🎖@malwr
The Escalating Global Risk Environment for Submarine Cables
Explore the rising global risks to submarine cables from geopolitical tension, cyber threats, and expanding tech giant ownership.
https://www.recordedfuture.com/escalating-global-risk-environment-submarine-cables
🎖@malwr
Explained: SMTP smuggling
https://www.malwarebytes.com/blog/news/2024/01/explained-smtp-smuggling
🎖@malwr
ThreatDown by Malwarebytes
Explained: SMTP smuggling - ThreatDown by Malwarebytes
Researchers have found flaws in the way SMTP servers handle messages, allowing them to send spoofed emails to and from targets.