IOC.ONE
OSINT Cyber Threat Intelligence Database
05.12.2024 | tistory.com
Malware created by APT Kimsuky - pay.bat (2024.11.27)

Today I will write about the malware created by APT Kimsuky, pay.bat (2024.11.27). This malware is characterized by abusing a batch file, and once executed it appears to download something from a Dropbox location that has since been taken down. Hash. File name: pay.bat. Size: 1,687 bytes. MD5: b262ac518c0114f414aaedbb4ef7c728. SHA-1: fd02470c6cc4ceb5fad3589d02e5148a8c738b83. SHA-256: 8e0eb0d36bfd4e28ec6a10acccf899740df704845…

04.12.2024 | socradar.io
Veeam Service Provider Console (VSPC) Users Urged to Patch CVE-2024-42448 and CVE-2024-42449 - SOCRadar® Cyber Intelligence Inc.

Veeam has recently released patches addressing two serious security vulnerabilities in its Service Provider Console (VSPC), a critical tool for monitoring and

04.12.2024 | malware.news
Sichuan Silence Information Technology: Great Sounds are Often Inaudible

For five long years, Sophos, a United Kingdom (UK)-based information security company, battled Chinese nation-state threat actors who lobbed “botnets, novel exploits, and bespoke malware” against the company’s firewalls and other perimeter devices. Sophos described this battle in its October 2024 “…

04.12.2024 | malware.news
Snowblind: The Invisible Hand of Secret Blizzard

Executive Summary…

04.12.2024 | centurylink.com
Snowblind: The Invisible Hand of Secret Blizzard - Lumen Blog

A prolonged espionage campaign by Russian threat group Turla to penetrate Pakistani targets and the Pakistanis themselves

04.12.2024 | medium.com
🚨 Critical RCE Vulnerability in Veeam Service Provider Console — Update Now! 🛡️ 🚨

WIRE TOR — The Ethical Hacking Services

04.12.2024 | domaintools.com
The Rise of Holiday Scams and State-Sponsored Cyber Threats

Cyber threats never take a holiday, and in this week’s episode, the Breaking Badness team explores how the festive season becomes a playground for cybercriminals.

04.12.2024 | rapid7.com
Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware | Rapid7 Blog

Beginning in early October, Rapid7 has observed a resurgence of activity related to the ongoing social engineering campaign being conducted by Black Basta ransomware operators.

04.12.2024 | securityaffairs.com
Veeam addressed critical Service Provider Console (VSPC) bug

Veeam addressed a critical vulnerability in Service Provider Console (VSPC) that could allow remote attackers to execute arbitrary code.

04.12.2024 | medium.com
Cyber Briefing: 2024.12.04

👉 What’s trending in cybersecurity today?

04.12.2024 | socradar.io
Old Cisco ASA Vulnerability (CVE-2014-2120) Fuels Androxgh0st Botnet Activity - SOCRadar® Cyber Intelligence Inc.

Androxgh0st botnet has been observed exploiting the flaw in Cisco ASA, alongside others, to enable unauthorized access and malware...

04.12.2024 | malware.news
Vulnerabilities in ICS: A Detailed Analysis of Recent Security Advisories and Threats

04.12.2024 | malware.news
Veeam Service Provider Console (VSPC) Users Urged to Patch CVE-2024-42448 and CVE-2024-42449

04.12.2024 | jfrog.com
Machine Learning Bug Bonanza - Exploiting ML Clients and “Safe” Model Formats

Protect your AI/ML development environment with JFrog Security Research's recent discovery of vulnerabilities in ML clients and "safe" model formats.

04.12.2024 | malware.news
Old Cisco ASA Vulnerability (CVE-2014-2120) Fuels Androxgh0st Botnet Activity

04.12.2024 | medium.com
Unmasking APT1: The World’s Most Prolific Advanced Persistent Threat

Cyber Threat Intelligence Report on Advanced Persistent Threats: (APT1)

04.12.2024 | medium.com
ANALYSIS: LUMMA STEALER

Objective

04.12.2024 | securityaffairs.com
U.S. CISA adds ProjectSend, North Grid Proself, and Zyxel firewalls bugs to its Known Exploited Vulnerabilities catalog

U.S. CISA adds ProjectSend, North Grid Proself, and Zyxel firewalls bugs to its Known Exploited Vulnerabilities catalog.

04.12.2024 | qualys.com
Progress WhatsUp Gold Remote Code Execution Vulnerability (CVE-2024-8785) – Qualys ThreatPROTECT
04.12.2024 | cybersrcc.com
AI-Powered Fake News Campaign Targets Western Support for Ukraine and U.S. Elections - CyberSRC

The Social Design Agency (SDA), a Moscow-based company, has been identified as conducting Operation Undercut, a sophisticated disinformation campaign aimed […]

04.12.2024 | medium.com
SMB Relay to Reverse Shells: Initial Attack Vector Evading AV

Setup & Summary

04.12.2024 | cyble.com
CISA Alerts New ICS Vulnerabilities Across Products

CISA alerts users about the latest ICS vulnerabilities in Schneider Electric & Hitachi Energy systems.

04.12.2024 | seqrite.com
XWorm Malware Analysis: New Tricks for an Old Payload

Delve into the technical details of the XWorm malware, exploring its multi-stage infection chain, payload delivery, and evasion techniques. Learn how to protect your systems against this persistent threat.

04.12.2024 | anquanke.com
Protect Your Network: Zyxel Releases Firmware Updates - 安全客 - Security News Platform

安全客 - Security News Platform

04.12.2024 | bleepingcomputer.com
Japan warns of IO-Data zero-day router flaws exploited in attacks

Japan's CERT is warning that hackers are exploiting zero-day vulnerabilities in I-O Data router devices to modify device settings, execute commands, or even turn off the firewall.

04.12.2024 | crowdstrike.com
The Rise of Cross-Domain Attacks Demands a Unified Defense | CrowdStrike

Cross-domain threats exploit gaps across endpoint, identity, and cloud systems. Learn how to detect, analyze, and respond to these stealthy attacks with speed and precision.

04.12.2024 | trendmicro.com
The Road to Agentic AI: Exposed Foundations

Our research into Retrieval Augmented Generation (RAG) systems uncovered at least 80 unprotected servers. We highlight this problem, which can lead to potential data loss and unauthorized access.

04.12.2024 | jvn.jp
JVN#46615026: Multiple vulnerabilities in I-O DATA routers UD-LT1 and UD-LT1/EX
04.12.2024 | intel471.com
Fog Ransomware

Intel 471 empowers cybersecurity teams worldwide to be proactive with its TITAN platform and comprehensive coverage into the criminal underground.

04.12.2024 | intel471.com
Salt Typhoon Threat Group

Intel 471 empowers cybersecurity teams worldwide to be proactive with its TITAN platform and comprehensive coverage into the criminal underground.

04.12.2024 | bleepingcomputer.com
Russian hackers hijack Pakistani hackers' servers for their own attacks

The notorious Russian cyber-espionage group Turla is hacking other hackers, hijacking the Pakistani threat actor Storm-0156's infrastructure to launch their own covert attacks on already compromised networks.

04.12.2024 | ssi.gouv.fr
Multiple vulnerabilities in Veeam products - CERT-FR
04.12.2024 | cyberscoop.com
Russian-linked Turla caught using Pakistani APT infrastructure for espionage

A Russian cyber-espionage group has been caught using networks associated with a Pakistani-based APT group.

04.12.2024 | ssi.gouv.fr
Multiple vulnerabilities in HPE Aruba Networking ClearPass Policy Manager - CERT-FR
03.12.2024 | malware.news
Extending Falco for Salesforce

As many in the CNCF community know, Falco’s flexibility can be extended through Plugins, allowing users to build custom integrations to meet their unique security needs. Plugins extend the core functionalities of Falco, enabling new event sources and detection capabilities. This flexibility is espe…

03.12.2024 | rapid7.com
Lorex 2K Indoor Wi-Fi Security Camera: Multiple Vulnerabilities (FIXED) | Rapid7 Blog

The Lorex 2K Indoor Wi-Fi Security Camera is a consumer security device that provides cloud-based video camera surveillance capabilities. This device was a target at the 2024 Pwn2Own IoT competition. As of December 3, 2024, we are disclosing these issues publicly in coordination with the vendor.

03.12.2024 | thescif.org
NSI Experts in the News — All Things National Security

In a world that is always changing, NSI experts offer insight on critical stories in the news. Please continue reading for their take on…

03.12.2024 | medium.com
Building a Natural Language Interface for Shodan’s InternetDB API

Building a natural language interface for Shodan’s InternetDB API revealed how crucial prompt engineering is for getting useful security…

03.12.2024 | redpacketsecurity.com
CISA: CISA Releases Eight Industrial Control Systems Advisories - RedPacket Security

CISA Releases Eight Industrial Control Systems Advisories

03.12.2024 | socradar.io
Most Exploited Vulnerabilities of 2023 (Insights to Define Cybersecurity in 2025) - SOCRadar® Cyber Intelligence Inc.

The majority of the most frequently exploited vulnerabilities in 2023 were initially exploited as zero-days—an alarming shift from the previous year...

03.12.2024 | mdsec.co.uk
Extracting Account Connectivity Credentials (ACCs) from Symantec Management Agent (aka Altiris) - MDSec

Introduction On a recent Red Team for a particularly hardened client, we were looking to escalate our privileges in order to move off the endpoint and pivot into the server...

03.12.2024 | socprime.com
SmokeLoader Malware Detection: Notorious Loader Reemerges to Target Companies in Taiwan - SOC Prime

Detect SmokeLoader malware targeting organizations in Taiwan with a set of curated Sigma rules from SOC Prime Platform.

03.12.2024 | malware.news
Inside Akira Ransomware’s Rust Experiment

Executive Summary…

03.12.2024 | checkpoint.com
Inside Akira Ransomware's Rust Experiment - Check Point Research

Executive Summary Introduction Earlier this year, Talos published an update on the ongoing evolution of Akira ransomware-as-a-service (RaaS) that has become one of the more prominent players in the current ransomware landscape. According to this update, for a while in early 2024, Akira affiliates e…

03.12.2024 | malware.news
Most Exploited Vulnerabilities of 2023 (Insights to Define Cybersecurity in 2025)

03.12.2024 | medium.com
Phishing Threat Investigation with TI Lookup: Expert Use Cases

TI Lookup from ANY.RUN is a versatile tool for gathering up-to-date intelligence on the latest cyber threats. The best way to demonstrate…

03.12.2024 | malware.news
Stealth, Scale, and Strategy: Exploring China’s Covert Network Tactics

Hello to all our Cyber Frogs! Join host Selena Larson and guest host, Sarah Sabotka, explore the evolving tactics of China-based nation-state threat actors with guest Mark Kelly, Staff Threat Researcher at Proofpoint. They focus on TA415 (APT41 or Brass Typhoon), examining its combination of cyberc…

03.12.2024 | medium.com
Tuesday Morning Threat Report: Dec 3, 2024

INTERPOL operation nabs 1,000 suspects, hacking kits bypass MFA protections, and a cyberattack sends U.K. hospitals back to pen and paper

03.12.2024 | tistory.com
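Unidentified APT impersonating Telegram - Telegram.txt.lnk (2024.11.27)

Today we will look at the unidentified APT that disguises itself as Telegram, Telegram(.)txt(.)lnk (2024.11.27). Telegram is an open-source mobile messenger that launched on August 14, 2013 and is still being developed and operated. It was developed by the Russian-born brothers Nikolai Durov (Николай Дуров) and Pavel Durov, was first released for iOS in August 2013, and now supports Android, Windows, Windows Phone, Linux, macOS and browsers. At one point, when the KakaoTalk surveillance controversy broke out, many people…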

03.12.2024 | anquanke.com
New Ymir Ransomware Uses Memory for Stealthy Attacks; Targets Corporate Networks - 安全客 - Security News Platform

安全客 - Security News Platform

03.12.2024 | anquanke.com
From the US to the UAE: APT35 Expands the Scope of Its Cyber-Espionage Activity - 安全客 - Security News Platform

安全客 - Security News Platform

03.12.2024 | trendmicro.com
Gafgyt Malware Targeting Docker Remote API Servers

Our researchers identified threat actors exploiting misconfigured Docker servers to spread the Gafgyt malware. This threat traditionally targets IoT devices; this new tactic signals a change in its behavior.

03.12.2024 | ssi.gouv.fr
Multiple vulnerabilities in Axis products - CERT-FR
03.12.2024 | sysdig.com
Extending Falco for Salesforce

As many in the CNCF community know, Falco’s flexibility can be extended through Plugins, allowing users to build custom integrations...

03.12.2024 | bitsight.com
PROXY.AM Powered by Socks5Systemz Botnet | Bitsight

After a year long investigation, Bitsight TRACE follows up on Socks5Systemz research.

03.12.2024 | ssi.gouv.fr
Multiple vulnerabilities in Ruby on Rails - CERT-FR
03.12.2024 | ssi.gouv.fr
Multiple vulnerabilities in Google Android - CERT-FR
03.12.2024 | bleepingcomputer.com
Veeam warns of critical RCE bug in Service Provider Console

Veeam released security updates today to address two Service Provider Console (VSPC) vulnerabilities, including a critical remote code execution (RCE) discovered during internal testing.

02.12.2024 | malware.news
Unveiling RevC2 and Venom Loader

Introduction: Venom Spider, also known as GOLDEN CHICKENS, is a threat actor known for offering Malware-as-a-Service (MaaS) tools like VenomLNK, TerraLoader, TerraStealer, and TerraCryptor. These tools have been utilized by other threat groups such as FIN6 and Cobalt in the past. Recently, Zscaler Th…

02.12.2024 | medium.com
Ransomware December 2024 Threat Intel

Sources

02.12.2024 | medium.com
Cyber Briefing: 2024.12.02

👉 What’s happening in cybersecurity today?

02.12.2024 | medium.com
🚨 Critical Vulnerability Discovered in Zabbix Network Monitoring Tool 🚨

WIRE TOR — The Ethical Hacking Services

02.12.2024 | fortinet.com
SmokeLoader Attack Targets Companies in Taiwan | FortiGuard Labs

FortiGuard Labs has uncovered an attack targeting companies in Taiwan with SmokeLoader, which performs its attack with plugins this time. Learn more.…

02.12.2024 | picussecurity.com
BianLian's Shape-Shifting Tactics: From Encryption to Pure Extortion

Explore BianLian's shift to data extortion, advanced TTPs like LSASS dumping & RDP exploits, and major incidents like BCHP breach. Mitigation insights included.

02.12.2024 | nationalcybersecurity.com
2nd December – Threat Intelligence Report | #ransomware | #cybercrime | National Cyber Security Consulting

For the latest discoveries in cyber research for the week of 2nd December, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Supply chain software provider Blue Yonder was hit by a ransomware attack, disrupting services for clients like Starbucks and UK grocery chains Morri…

02.12.2024 | malware.news
CISA Releases New List of Known Exploited Vulnerabilities, Urges Immediate Actions

02.12.2024 | malware.news
2nd December – Threat Intelligence Report

For the latest discoveries in cyber research for the week of 2nd December, please download our Threat Intelligence Bulletin. …

02.12.2024 | checkpoint.com
2nd December – Threat Intelligence Report - Check Point Research

For the latest discoveries in cyber research for the week of 2nd December, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Supply chain software provider Blue Yonder was hit by a ransomware attack, disrupting services for clients like Starbucks and UK grocery chains Morri…

02.12.2024 | picussecurity.com
CISA Reveals the Top 15 Most Exploited Vulnerabilities of 2023

Discover the top 15 most exploited vulnerabilities of 2023, as revealed by CISA, with insights into critical risks and the importance of timely patching.

02.12.2024 | securelist.ru
Targeted malicious campaign delivers Remcos, DarkGate and BrockenDoor

A malicious campaign targeting organizations that specialize in implementing business automation software uses RLO and delivers Remcos, DarkGate and the new BrockenDoor backdoor.

02.12.2024 | darkowl.com
Threat Intelligence RoundUp: November

This blog series highlights the top threat intelligence articles that our readers found the most interesting this month.

02.12.2024 | securelist.com
NetSupport RAT and RMS in malicious emails

Attackers are sending malicious scripts that download the Remote Manipulator System (RMS) build, known as BurnsRAT, and NetSupport RAT

02.12.2024 | ahnlab.com
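Mauri ransomware threat actor exploiting the Apache ActiveMQ vulnerability (CVE-2023-46604) - ASEC

AhnLab Security Emergency response Center (ASEC) has covered attacks targeting the CVE-2023-46604 vulnerability in several previous blog posts. Systems that have not been patched are still being continuously targeted, and the cases observed are mainly coin miner installations. Recently, however, ASEC identified indications that a threat actor using Mauri ransomware is exploiting the Apache ActiveMQ vulnerability to attack systems in Korea. 1. Apache ActiveMQ vulnerability […]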

02.12.2024 | cyble.com
CISA Update The Known Exploited Vulnerabilities Catalog

CISA's updated list of Known Exploited Vulnerabilities highlights critical flaws like CVE-2024-11680, urging immediate action to prevent cyberattacks.

02.12.2024 | gbhackers.com
MediaTek Processor Vulnerabilities Let Attackers escalate privileges

Several vulnerabilities affecting MediaTek processors have been identified, potentially allowing attackers to escalate privileges on affected devices.

02.12.2024 | gbhackers.com
Poison Ivy APT Launches Continuous Cyber Attack on Defense, Gov, Tech & Edu Sectors

Researchers uncovered the resurgence of APT-C-01, also known as the Poison Ivy group, an advanced persistent threat organization notorious for its sustained cyber attacks.

02.12.2024 | cybersrcc.com
Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP - CyberSRC

The security vulnerabilities recently disclosed in Advantech EKI industrial-grade wireless access point devices present a serious threat to industrial networks. […]

02.12.2024 | medium.com
RST TI Report Digest: 02 Dec 2024

This is a weekly threat intelligence report review from RST Cloud. This week, we analyzed 35 threat intelligence reports.

02.12.2024 | thedfirreport.com
The Curious Case of an Egg-Cellent Resume

Key Takeaways Initial access was via a resume lure as part of a TA4557/FIN6 campaign. The threat actor abused LOLbins like ie4uinit.exe and msxsl.exe to run the more_eggs malware. Cobalt Strike and…

02.12.2024 | cisecurity.org
Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution

Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and w…

02.12.2024 | jvn.jp
JVN#53958863: Multiple vulnerabilities in UNIVERGE IX/IX-R/IX-V series routers
02.12.2024 | ssi.gouv.fr
News bulletin CERTFR-2024-ACT-052 - CERT-FR
02.12.2024 | genians.co.kr
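Analysis of the threat actor Kimsuky's email phishing campaign

The Kimsuky group continues to carry out email-based phishing attacks targeting researchers and institutions that focus on North Korea. They mainly impersonate electronic documents from financial and public institutions, keep changing the sending source and domains to evade detection, and steal victims' accounts to attempt further attacks.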

02.12.2024 | aqniu.com
Linux security alert: first UEFI bootkit malware appears; hardware-level flaw disclosed in ThinkPad laptops lets hackers covertly control the camera | 牛览 - 安全牛

安全牛

02.12.2024 | anquanke.com
CVE-2024-11980 (CVSS 10): Critical Flaw in Billion Electric Routers - 安全客 - Security News Platform

安全客 - Security News Platform

02.12.2024 | zscaler.com
Unveiling RevC2 and Venom Loader

Zscaler ThreatLabz discovered two new malware families, RevC2 & Venom Loader, deployed using Venom Spider MaaS Tools.

01.12.2024 | nationalcybersecurity.com
Thousands more cyber scammers nabbed by Interpol operation • The Register | #cybercrime | #infosec | National Cyber Security Consulting

Infosec in brief Interpol and its financial supporters in the South Korean government are back with another round of anti-cybercrime arrests via the fifth iteration of Operation HAECHI, this time nabbing more than 5,500 people suspected of scamming and seizing hundreds of millions in digital and fi…

01.12.2024 | nationalcybersecurity.com
Geopolitical strife drives increased ransomware activity | #ransomware | #cybercrime | National Cyber Security Consulting

Recorded ransomware attack volumes rose by 19% during October 2024 to a total of 468 incidents worldwide, a significant number of them in the US, where the controversial presidential election likely emboldened Russian-speaking threat actors to strike, according to NCC Group’s latest monthly Threa…

01.12.2024 | medium.com
Cooctus Stories

This room is about the Cooctus Clan

01.12.2024 | securityaffairs.com
Security Affairs newsletter Round 500 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free.

30.11.2024 | redpacketsecurity.com
CVE Alert: CVE-2024-36619 - RedPacket Security

FFmpeg n6.1.1 has a vulnerability in the WAVARC decoder of the libavcodec library which allows for an integer overflow when handling certain block types,

30.11.2024 | redpacketsecurity.com
CVE Alert: CVE-2024-35369 - RedPacket Security

In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, a potential security vulnerability exists due to insufficient validation of

30.11.2024 | medium.com
⚠️ Microsoft Hacking Warning 450 Million Windows Users Must Now Act! 🖥️🔒

WIRE TOR — The Ethical Hacking Services

30.11.2024 | medium.com
🚨 Russian Script Kiddie Builds Massive DDoS Botnet 😱🌐

WIRE TOR — The Ethical Hacking Services

30.11.2024 | medium.com
Understanding Kernel Exploitation: How Cybercriminals Target OS Kernels to Control Systems

Kernel exploitation is one of the most sophisticated and dangerous forms of hacking. By targeting the core of an operating system…

30.11.2024 | medium.com
APT 10 (MenuPass Group) - Threat Actor

State-sponsored Chinese hacking group

30.11.2024 | medium.com
[CyberSec] Creating Detection Rules Based on MITRE ATT&CK in Splunk SIEM

Leveraging External Resources for Enhanced Threat Detection

30.11.2024 | medium.com
AI-Powered Fake News Campaign Targets Western Support for Ukraine and U.S. Elections

A Moscow-based company sanctioned by the U.S. earlier this year has been linked to yet another influence operation designed to turn public…

30.11.2024 | medium.com
Cyber Threat Intelligence Report | RomCom (UAT-5647)

RomCom, known as UAT-5647, is a threat actor group known for using multiple zero-day exploits in the wild and conducting cyber espionage.

29.11.2024 | medium.com
Cybersecurity News Review — Week 48

I had to cut a lot from this week’s packed list of cybersecurity developments, but this newsletter will hopefully help you efficiently digest all the key updates. Russian APT group Fancy Bear…
