Uhaul was breached. 13GBs of data was exfiltrated from their SharePoint. Initial access was granted by social engineering an employee through text messages.
tl;dr another day in Shangri-La
tl;dr another day in Shangri-La
β€32π―14π6π±5π3π€£2
CloudFlare did a blog yesterday about how the company they use (Okta) was breached (again) and how the Threat Actor tried to pivot into their network (again) and how they mitigated it (again).
The blog gives recommendations to Okta ππ
https://blog.cloudflare.com/how-cloudflare-mitigated-yet-another-okta-compromise/
The blog gives recommendations to Okta ππ
https://blog.cloudflare.com/how-cloudflare-mitigated-yet-another-okta-compromise/
The Cloudflare Blog
How Cloudflare mitigated yet another Okta compromise
On Wednesday, October 18, 2023, we discovered attacks on our system that we were able to trace back to Okta. We have verified that no Cloudflare customer information or systems were impacted by this event because of our rapid response.
π€£68β€6π6β€βπ₯2
Luckily, even though their stock fell 11%, they're saving money. They laid off their entire internal Red Team in March because ???
Who needs internal security audits anyway???
Who needs internal security audits anyway???
π€£120π±6π«‘5π3π’2β€1
Coding malware is good for you.
- Teaches you low level programming concepts
- Helps get a better understanding of computer security
- Can help improve reverse engineering skills
- Improves focus, attention to detail, critical thinking skills
- Teaches you low level programming concepts
- Helps get a better understanding of computer security
- Can help improve reverse engineering skills
- Improves focus, attention to detail, critical thinking skills
β€152π―30π16π6π6π€5
Not everyone who codes malware is a bad person. Is every person who admires the engineering behind weapons a dangerous person? No.
Also, the engineering behind the AK47 is badass.
https://youtu.be/_eQLFVpOYm4
Also, the engineering behind the AK47 is badass.
https://youtu.be/_eQLFVpOYm4
YouTube
How an AK-47 Works
A 3D animation created in Cinema 4D and After Effects showing how an AK-47 rifle works. Corona renderer was used in order to create realistic materials and reflections.
Get a miniature AK-47 replica! https://amzn.to/43Mz2AI
Interested in licensing my animationβ¦
Get a miniature AK-47 replica! https://amzn.to/43Mz2AI
Interested in licensing my animationβ¦
β€75π―18π9π€£7π€3π2π€2π’1
Seeing non-technical people seriously discussing malware will tempt you into diving face first into a woodchipper
π₯78π€£40π9β€βπ₯6π’5π3π―3
> post learning to code malware has its perk
> people comment lack of resources
...
> 11,372 malware papers
> 7,125 old-school-cool archived malware works
> 37,745 papers on state-sponsored malware
> 3,173 malware source code projects
NOT ENOUGH RESOURCES?! DO WE NEED MORE?!
> people comment lack of resources
...
> 11,372 malware papers
> 7,125 old-school-cool archived malware works
> 37,745 papers on state-sponsored malware
> 3,173 malware source code projects
NOT ENOUGH RESOURCES?! DO WE NEED MORE?!
π€£74β€25π14π4π€―2π₯1
Security Researcher ValdikSS discovered German law enforcement have been MITM-ing XMPP data from jabber-dot-ru for the past 90 days. ValdikSS believes the MITM on jabber-dot-ru could have been persistent for atleast 6 months.
https://notes.valdikss.org.ru/jabber.ru-mitm/
https://notes.valdikss.org.ru/jabber.ru-mitm/
π€―51π10β€βπ₯8π€£6π«‘6π3π±3π€2π€2
Today an individual known online as "Tongue" was sentenced to 13.3 years in prison for advertising (and carrying out) Violence-as-a-Service on Telegram and Discord.
He is 22 years old. He will be released when he is 35 in 2037.
More information: https://krebsonsecurity.com/2023/10/nj-man-hired-online-to-firebomb-shoot-at-homes-gets-13-years-in-prison/
He is 22 years old. He will be released when he is 35 in 2037.
More information: https://krebsonsecurity.com/2023/10/nj-man-hired-online-to-firebomb-shoot-at-homes-gets-13-years-in-prison/
Krebs on Security
NJ Man Hired Online to Firebomb, Shoot at Homes Gets 13 Years in Prison
A 22-year-old New Jersey man has been sentenced to more than 13 years in prison for participating in a firebombing and a shooting at homes in Pennsylvania last year. Patrick McGovern-Allen was the subject of a Sept. 4, 2022 storyβ¦
π€£80π€―11π±10β€4π«‘4π3π1π1
We'd like to note there isn't anything necessarily wrong with an enterprise environment using MalwareBytes, but it just seemed kind of odd to specifically note the usage of the free version... or even the specific AV itself.
π€53π13π€£3π₯2β€βπ₯1
We've updated the vx-underground Windows malware paper collection
- 2022-03-11 - AV and EDR Evasion Using Direct System Calls
- 2023-04-18 - Process injection in 2023 - evading leading EDRs
- 2023-07-25 - Prefetch - The Little Snitch That Tells on You
https://vx-underground.org/
- 2022-03-11 - AV and EDR Evasion Using Direct System Calls
- 2023-04-18 - Process injection in 2023 - evading leading EDRs
- 2023-07-25 - Prefetch - The Little Snitch That Tells on You
https://vx-underground.org/
π«‘35β€βπ₯8π4β€2π₯2
Yeah, we got compromised by APT29, but luckily MalwareBytesβ’ FREE AV stopped the Kremlin in their tracks! To be extra safe, we swung by the local Hilton Hotel and used their WiFi to install it
π€£121π10β€8π₯2π€2
Everyone knows Russians can't visit Hilton Hotels. They're too decadent. They instantly explode and turn into sand.
π€£87π8π€5β€βπ₯3π―3π1π’1π1π€1
The vx-underground podcast - but instead of discussing anything technical or meaningful we mumble incomprehensible nonsense for an hour and express our misanthropy in form of creative dance
π56π13β€5π₯°3π€2π₯1