bluepurple.binaryfirefly.com Bluepurple Pulse: week ending June 25th
DDoS can have global cloud scale impact in 2023..
Beyond the Horizon: Traveling the World on Camaro Dragon’s USB Flash Drives
research.checkpoint.com Beyond the Horizon: Traveling the World on Camaro Dragon’s USB Flash Drives - Check Point Research
Executive summary Introduction In early 2023, CPIRT investigated an incident at a European hospital. The investigation showed that the malicious activity observed was likely not targeted but was simply collateral damage from Camaro Dragon’s self-propagating malware infections spreading via USB drive...
Graphican: Flea Uses New Backdoor in Attacks Targeting Foreign Ministries
www.bitdefender.com Unpacking RDStealer: An Exfiltration Malware Targeting RDP Workloads
In June 2023, Bitdefender Labs published a research paper about espionage operation in East Asia.
BlueDelta Exploits Ukrainian Government Roundcube Mail Servers to Support Espionage Activities
www.cid.army.mil CID Lookout: Unsolicited Smartwatches Received by Mail
Service members across the military have reported receiving smartwatches unsolicited in the mail. These smartwatches, when used, have auto-connected to Wi-Fi and began connecting to cell phones
win32-app-isolation: Tools and documentation for Win32 app isolation
github.com GitHub - microsoft/win32-app-isolation: Tools and documentation for Win32 app isolation
Tools and documentation for Win32 app isolation. Contribute to microsoft/win32-app-isolation development by creating an account on GitHub.
openfire鉴权绕过漏洞原理解析 - Openfire Authentication Bypass Vulnerability Principle Analysis
mp-weixin-qq-com.translate.goog openfire鉴权绕过漏洞原理解析
Openfire是根据开放源 Apache 许可获得许可的实时协作(RTC)服务器。它使用唯一被广泛采用的用于即时消息的开放协议 XMPP(也称为 Jabber)。Openfire 的设置和管理非常简单,但是却提供了坚实的安全性和性能。
Korean reporting on the Lazarus fake recruiter campaign implant
한국내 macOS 이용자를 노린 APT37 공격 등장 - APT37 attack targeting macOS users in Korea
blog.virustotal.com Inside of the WASP's nest: deep dive into PyPI-hosted malware
Photo by Matheus Queiroz on Unsplash In late 2022 we decided to start monitoring PyPI , arguably the most important Python repository, a...
Uncovering a New Activity Group Targeting Governments in the Middle East and Africa - Palo Alto Networks Blog
www.paloaltonetworks.com Through the Cortex XDR Lens: Uncovering a New Activity Group Targeting Governments in the Middle East and Africa - Palo Alto Networks Blog
This blog is about a new activity group that was observed targeting governments in the Middle East and Africa with some rare TTPs.
Resident Campaign
www.esentire.com eSentire Threat Intelligence Malware Analysis: Resident Campaign
Learn about the Resident campaign and the threat actor's use of Rhamadanthys stealer in this malware analysis from Threat Response Unit (TRU).
rusi.org The Experience of Cybercrime in Georgia: Awareness, Victimisation and Reporting
This paper establishes an independent evidence base on the experience and perception of cybercrime and online harms in Georgia, with a focus on how and why certain groups are more vulnerable.
bitdefender.com Fragments of Cross-Platform Backdoor Hint at Larger Mac OS Attack
During routine detection maintenance, our Mac researchers stumbled upon a small set of files with backdoor capabilities that seem to form part of a more complex malware toolkit.
DoNot APT Elevates its Tactics by Deploying Malicious Android Apps on Google Play Store
www.cyfirma.com DoNot APT Elevates its Tactics by Deploying Malicious Android Apps on Google Play Store - CYFIRMA
EXECUTIVE SUMMARY The team at CYFIRMA recently obtained suspicious Android apps hosted on the Google Play Store under the account...
Khashoggi’s widow sues Israeli firm over spyware she says ruined her life - In the lawsuit, Hanan Elatr says Saudi Arabia used NSO’s Pegasus spyware to track her and her husband’s whereabouts
apnews.com China calls hacking report 'far-fetched' and accuses the US of targeting the cybersecurity industry
China's government has rejected as “far-fetched and unprofessional” a report by a U.S. security firm that blamed Chinese-linked hackers for attacks on hundreds of public agencies, schools and other targets around the world.
