Ransomwareโs Christmas Carol
Around mid-year, Lab52 published a report on ransomware that included both geopolitical and cyber intelligence content. The report includes the analysis of different sources of information and showcasing some of our cyberintelligence findings in this regard. However, the activity of this type of malware prompts Lab52 to closely track the various recorded cases. Therefore, taking...
https://lab52.io/blog/ransomware-2023/
๐@malwr
Around mid-year, Lab52 published a report on ransomware that included both geopolitical and cyber intelligence content. The report includes the analysis of different sources of information and showcasing some of our cyberintelligence findings in this regard. However, the activity of this type of malware prompts Lab52 to closely track the various recorded cases. Therefore, taking...
https://lab52.io/blog/ransomware-2023/
๐@malwr
lab52.io
Ransomwareโs Christmas Carol
2023-12-29 - GootLoader infection
https://www.malware-traffic-analysis.net/2023/12/29/index.html
๐@malwr
https://www.malware-traffic-analysis.net/2023/12/29/index.html
๐@malwr
Technical Advisory โ Multiple Vulnerabilities in PandoraFMS Enterprise
https://research.nccgroup.com/2024/01/02/technical-advisory-multiple-vulnerabilities-in-pandorafms-enterprise/
๐@malwr
https://research.nccgroup.com/2024/01/02/technical-advisory-multiple-vulnerabilities-in-pandorafms-enterprise/
๐@malwr
Hunting for Cobalt Strike in PCAP
In this video I analyze a pcap file from Triage with network traffic from Cobalt Strike Beacon using CapLoader. The video cannot be played in your browser. The pcap file and Cobalt Strike malware config can be downloaded from Recorded Future's Triage sandbox. Cobalt Strike Beacon configs can also be...
https://www.netresec.com/?page=Blog&month=2024-01&post=Hunting-for-Cobalt-Strike-in-PCAP
๐@malwr
In this video I analyze a pcap file from Triage with network traffic from Cobalt Strike Beacon using CapLoader. The video cannot be played in your browser. The pcap file and Cobalt Strike malware config can be downloaded from Recorded Future's Triage sandbox. Cobalt Strike Beacon configs can also be...
https://www.netresec.com/?page=Blog&month=2024-01&post=Hunting-for-Cobalt-Strike-in-PCAP
๐@malwr
Netresec
Hunting for Cobalt Strike in PCAP
In this video I analyze a pcap file with network traffic from Cobalt Strike Beacon using CapLoader. The pcap file and Cobalt Strike malware config can be downloaded from Recorded Futures Triage sandbox. Cobalt Strike Beacon configs can also be extracted locallyโฆ
The Artemis security scanner
Artemis is an open-source security vulnerability scanner developed by CERT PL. It is built to look for website misconfigurations and vulnerabilities on a large number of sites. It automatically prepares reports that can be sent to the affected institutions. Thanks to its modular architecture, it can be used to combine the results of various other tools in a single dashboard.
https://cert.pl/en/posts/2024/01/artemis-security-scanner/
๐@malwr
Artemis is an open-source security vulnerability scanner developed by CERT PL. It is built to look for website misconfigurations and vulnerabilities on a large number of sites. It automatically prepares reports that can be sent to the affected institutions. Thanks to its modular architecture, it can be used to combine the results of various other tools in a single dashboard.
https://cert.pl/en/posts/2024/01/artemis-security-scanner/
๐@malwr
cert.pl
The Artemis security scanner
Artemis is an open-source security vulnerability scanner developed by CERT PL. It is built to look for website misconfigurations and vulnerabilities on a large number of sites. It automatically prepares reports that can be sent to the affected institutions.โฆ
Private Eyes: Chinaโs Embrace of Open-Source Military Intelligence
Using advanced technology, the People's Liberation Army (PLA) leverages open-source intelligence (OSINT) for military advantage.
https://www.recordedfuture.com/blog/private-eyes-chinas-embrace-open-source-military-intelligence
๐@malwr
Using advanced technology, the People's Liberation Army (PLA) leverages open-source intelligence (OSINT) for military advantage.
https://www.recordedfuture.com/blog/private-eyes-chinas-embrace-open-source-military-intelligence
๐@malwr
North Koreaโs Cyber Strategy
Insikt Group analysis reveals that North Korea uses a cyber strategy centered around aggressive data collection and financial theft to primarily target Asia.
https://www.recordedfuture.com/blog/north-koreas-cyber-strategy
๐@malwr
Insikt Group analysis reveals that North Korea uses a cyber strategy centered around aggressive data collection and financial theft to primarily target Asia.
https://www.recordedfuture.com/blog/north-koreas-cyber-strategy
๐@malwr
The Escalating Global Risk Environment for Submarine Cables
Explore the rising global risks to submarine cables from geopolitical tension, cyber threats, and expanding tech giant ownership.
https://www.recordedfuture.com/blog/escalating-global-risk-environment-submarine-cables
๐@malwr
Explore the rising global risks to submarine cables from geopolitical tension, cyber threats, and expanding tech giant ownership.
https://www.recordedfuture.com/blog/escalating-global-risk-environment-submarine-cables
๐@malwr
Hamas Application Infrastructure Reveals Possible Overlap With TAG-63 and Iranian Threat Activity
Insikt Group identified an application disseminated on a Telegram Channel used by members or supporters of the Hamas terrorist organization
https://www.recordedfuture.com/blog/hamas-application-infrastructure-reveals-possible-overlap-tag-63-iranian-threat-activity
๐@malwr
Insikt Group identified an application disseminated on a Telegram Channel used by members or supporters of the Hamas terrorist organization
https://www.recordedfuture.com/blog/hamas-application-infrastructure-reveals-possible-overlap-tag-63-iranian-threat-activity
๐@malwr
Recordedfuture
Hamas Application Infrastructure Reveals Possible Overlap With TAG-63 and Iranian Threat Activity | Recorded Future
Insikt Group identified an application disseminated on a Telegram Channel used by members or supporters of the Hamas terrorist organization
Putinโs Potential Successors Part 2: Aleksey Dyumin
Explore Aleksey Dyumin, potential successor to Putin as Russian president, including his political strengths, weaknesses, and implications for Russia's future.
https://www.recordedfuture.com/blog/putins-potential-successors-part-2-aleksey-dyumin
๐@malwr
Explore Aleksey Dyumin, potential successor to Putin as Russian president, including his political strengths, weaknesses, and implications for Russia's future.
https://www.recordedfuture.com/blog/putins-potential-successors-part-2-aleksey-dyumin
๐@malwr
๐2
The Escalating Global Risk Environment for Submarine Cables
Explore the rising global risks to submarine cables from geopolitical tension, cyber threats, and expanding tech giant ownership.
https://www.recordedfuture.com/escalating-global-risk-environment-submarine-cables
๐@malwr
Explore the rising global risks to submarine cables from geopolitical tension, cyber threats, and expanding tech giant ownership.
https://www.recordedfuture.com/escalating-global-risk-environment-submarine-cables
๐@malwr
Explained: SMTP smuggling
https://www.malwarebytes.com/blog/news/2024/01/explained-smtp-smuggling
๐@malwr
https://www.malwarebytes.com/blog/news/2024/01/explained-smtp-smuggling
๐@malwr
ThreatDown by Malwarebytes
Explained: SMTP smuggling - ThreatDown by Malwarebytes
Researchers have found flaws in the way SMTP servers handle messages, allowing them to send spoofed emails to and from targets.
Cracking the 2023 SANS Holiday Hack Challenge
From ChatNPT to Game Boys and space apps, this yearโs challenge took us to the Geese Islands for another rollicking romp of fun
https://www.welivesecurity.com/en/cybersecurity/cracking-2023-sans-holiday-hack-challenge/
๐@malwr
From ChatNPT to Game Boys and space apps, this yearโs challenge took us to the Geese Islands for another rollicking romp of fun
https://www.welivesecurity.com/en/cybersecurity/cracking-2023-sans-holiday-hack-challenge/
๐@malwr
Welivesecurity
Cracking the 2023 SANS Holiday Hack Challenge
From ChatNPT to Game Boys and space apps, the 2023 SANS Holiday Hack Challenge took us to the Geese Islands for another rollicking romp of fun
Video series discussing the major threat actor trends from 2023
In this video series, Talosโ Director of Threat Intelligence and Interdiction Matt Olney and Head of Outreach Nick Biasini share their insights on the most significant cybersecurity threats from the past year.
https://blog.talosintelligence.com/video-series/
๐@malwr
In this video series, Talosโ Director of Threat Intelligence and Interdiction Matt Olney and Head of Outreach Nick Biasini share their insights on the most significant cybersecurity threats from the past year.
https://blog.talosintelligence.com/video-series/
๐@malwr
Cisco Talos Blog
Video series discussing the major threat actor trends from 2023
In this video series, Talosโ Director of Threat Intelligence and Interdiction Matt Olney and Head of Outreach Nick Biasini share their insights on the most significant cybersecurity threats from the past year.
.NET Hooking โ Harmonizing Managed Territory
https://research.checkpoint.com/2024/net-hooking-harmonizing-managed-territory/
๐@malwr
https://research.checkpoint.com/2024/net-hooking-harmonizing-managed-territory/
๐@malwr
Check Point Research
.NET Hooking - Harmonizing Managed Territory - Check Point Research
Research by: Jiri Vinopal Key Points Introduction For a malware researcher, analyst, or reverse engineer, the ability to alter the functionality of certain parts of code is a crucial step, often necessary to reach a meaningful result during the analysis process.โฆ
Charting Chinaโs Climb as a Leading Global Cyber Power
Chinese state-sponsored cyber operations have transformed, emerging as a more mature, stealthy, and coordinated threat than in previous years.
https://www.recordedfuture.com/charting-chinas-climb-leading-global-cyber-power
๐@malwr
Chinese state-sponsored cyber operations have transformed, emerging as a more mature, stealthy, and coordinated threat than in previous years.
https://www.recordedfuture.com/charting-chinas-climb-leading-global-cyber-power
๐@malwr
How to detect Flipper Zero and Bluetooth advertisement attacks using Android app
https://www.mobile-hacker.com/2024/01/09/how-to-detect-flipper-zero-and-bluetooth-advertisement-attacks/?utm_source=rss&utm_medium=rss&utm_campaign=how-to-detect-flipper-zero-and-bluetooth-advertisement-attacks
๐@malwr
https://www.mobile-hacker.com/2024/01/09/how-to-detect-flipper-zero-and-bluetooth-advertisement-attacks/?utm_source=rss&utm_medium=rss&utm_campaign=how-to-detect-flipper-zero-and-bluetooth-advertisement-attacks
๐@malwr
Mobile Hacker
How to detect Flipper Zero and Bluetooth advertisement attacks using Android app Mobile Hacker
In October 2023, was in Flipper Zeroโs unofficial Xtreme firmware implemented functionality that would perform Denial of Service attack (DoS) that resulted in freezing and crashing any iPhones running the latest iOS 17. This bug was fixed in December 2023โฆ
New decryptor for Babuk Tortilla ransomware variant released
Cisco Talos obtained executable code capable of decrypting files affected by the Babuk Tortilla ransomware variant, allowing Talos to extract and share the private decryption key used by the threat actor.
https://blog.talosintelligence.com/decryptor-babuk-tortilla/
๐@malwr
Cisco Talos obtained executable code capable of decrypting files affected by the Babuk Tortilla ransomware variant, allowing Talos to extract and share the private decryption key used by the threat actor.
https://blog.talosintelligence.com/decryptor-babuk-tortilla/
๐@malwr
Cisco Talos Blog
New decryptor for Babuk Tortilla ransomware variant released
Cisco Talos obtained executable code capable of decrypting files affected by the Babuk Tortilla ransomware variant, allowing Talos to extract and share the private decryption key used by the threat actor.
Rust for Security and Correctness in the embedded world
https://research.nccgroup.com/2024/01/09/rust-for-security-and-correctness-in-the-embedded-world/
๐@malwr
https://research.nccgroup.com/2024/01/09/rust-for-security-and-correctness-in-the-embedded-world/
๐@malwr
NCC Group Research Blog
Rust for Security and Correctness in the embedded world
Increasingly large companies are utilising Rust in their systems, either existing or new. Most uses focus on how it can help in managed environments, such as within a system with a rโฆ