Summary: The content discusses the approaching Q-Day, when a quantum computer can break most forms of modern encryption, leaving our societies vulnerable to cyberattacks.
Threat Actor: Quantum computers | Quantum …
Summary: The content discusses the projected growth of spending on operational technology (OT) cybersecurity and the factors driving this increase.
Threat Actor: N/A Victim: N/A
Key Point:
Enterprise spending…
Summary: P2PInfect, a dormant peer-to-peer malware botnet, has recently become active and is deploying a ransomware module and a cryptominer in attacks on Redis servers.
Threat Actor: P2PInfect | P2PInfect …
Summary: This content discusses active attacks targeting end-of-life Zyxel NAS boxes after the disclosure of critical vulnerabilities.
Threat Actor: Mirai-like botnet | Mirai-like botnet Victim: Zyxel NAS devices | Zyxel …
CVE-2024-33001 – SAP NetWeaver and ABAP Platform Vulnerability, June 24, 2024
Donot APT Group – Active IOCs, June 24, 2024
Analysis Summary: The Mirai botnet is a type of malware that infects Internet …
The Hi-Tech Crime Trends report by Group-IB highlights a growing cybercriminal focus on Apple devices due to their increasing popularity. This shift has led to a rise in malware …
On May 7, 2024, Devcore Principal Security Researcher Orange Tsai discovered and reported a critical Remote Code Execution (RCE) vulnerability, CVE-2024-4577, to the PHP official team. This vulnerability stems …
Security teams spend a lot of time chasing software vulnerabilities. The fact is, however, that their time would be better spent combating malware because the payoff is better: faster detection, …
Summary: The content discusses the increase in vulnerabilities in Internet of Things (IoT) devices, with a particular focus on the most vulnerable device types and the targeting of enterprise IoT …
This staggering amount underscores the imminent need for cyber security to be treated as a global priority. Moreover, with the explosion …
Summary: This blog post discusses a new campaign of Muhstik malware targeting the Apache RocketMQ platform, exploring how the attackers exploit vulnerabilities in RocketMQ and analyzing the impact of the …
ReversingLabs researchers recently discovered a malicious, open source package: xFileSyncerx on the Python Package Index (PyPI). The package, with close to 300 registered downloads, contained separate malicious “wiper” components. Is …
A global scale domain name system (DNS) probing operation that targets open resolvers has been underway since at least June 2023. We analyzed queries to Infoblox and many other recursive …
This blog is based on collaboration between Infoblox Threat Intel and co-author, Dave Mitchell. The campaign research reported here was completed in January 2024, …
Lumen Technologies’ Black Lotus Labs identified a destructive event, as over 600,000 small office/home office (SOHO) routers were taken offline belonging to a single internet service provider (ISP). …
This time, we’re not revealing a new cyber threat investigation or analysis, but I want to share some insights about the team behind all Sekoia Threat Intelligence and Detection Engineering …
In March 2024, the Sysdig Threat Research Team (TRT) began observing attacks against one of our Hadoop honeypot services from the domain “rebirthltd[.]com.” Upon investigation, we discovered that the domain …
Summary: This content discusses the increasing use of operational relay box (ORB) networks by China-linked state-backed hackers for cyberespionage operations, posing challenges in detection and attribution.
Threat Actor: China-linked state-backed …
Summary: This article discusses the importance of making software bills of materials (SBOMs) more easily shareable in order to enhance visibility into enterprise software supply chains and improve security.
Threat …
As organizations prepare for the challenges and opportunities of 2024, the critical importance of cybersecurity preparedness is increasingly apparent. In an era characterized by rapid digital transformation and continuous innovation, …
XLab’s CTIA(Cyber Threat Insight Analysis) System continuously tracks and monitors the active mainstream DDoS botnets. Recently, our system has observed that CatDDoS-related gangs remain active and have exploited over 80 …
Mirai is a botnet that has been targeting Internet of Things (IoT) devices since September 2016. It initially gained notoriety with denial-of-service attacks on several high-profile …
Written by: Michael Raggi
Mandiant Intelligence is tracking a growing trend among China-nexus cyber espionage operations where advanced persistent threat (APT) actors utilize proxy networks known as “ORB networks” (operational …
Summary: Cybersecurity researchers and IoT technology companies have collaborated to address four software vulnerabilities in Kalay, a tool used by various IoT device manufacturers, including Roku, Owlet, and Wyze. These …
Summary: This content discusses the importance of taking a holistic approach to vulnerability management in order to effectively address the risks facing cyber-physical systems (CPS) environments.
Threat Actor: N/A
Victim: …
Summary: Vishing and deepfake phishing attacks are increasing as threat actors use GenAI to enhance social engineering tactics, making phishing more difficult to detect and deceive even the most aware …
Verizon’s 17th annual Data Breach Investigations Report (DBIR) for 2024 offers an in-depth look at the latest trends in data breaches and cyber security incidents. Analyzing data from over 30,458 incidents and 10,626 …
The Black Lotus Labs team at Lumen Technologies is tracking a malware platform we’ve named Cuttlefish, that targets networking equipment, specifically enterprise-grade small office/home office (SOHO) routers. This …
Summary: The content discusses the implementation of the Product Security and Telecommunications Infrastructure (PSTI) Act in the UK, which requires manufacturers of consumer-grade IoT products to improve security measures and …
Summary: Chinese and Russian hackers are increasingly targeting edge devices such as VPN appliances, firewalls, routers, and IoT tools in espionage attacks, according to a report by Google security firm …
Summary: The majority of companies have experienced cyberattacks that were not fully covered by their cyber insurance policies, leaving significant gaps in coverage and resulting in uncovered losses.
Threat Actor: …
Summary: Cisco has warned about a surge in brute-force attacks targeting various devices, including VPN services, web application authentication interfaces, and SSH services, since March 18, 2024.
Threat Actor: Unknown …
OceanLotus, also known as APT32, Ocean Buffalo, and SeaLotus, is a highly sophisticated adversary operating on behalf of the interests of the Vietnamese government that was first identified by the …
Affected Platforms: TP-Link Archer AX21 (AX1800) Version 1.1.4 Build 20230219 or prior
Impacted Users: Any organization
Impact: Remote attackers gain control of the vulnerable systems
Severity Level: High
Last year, a command injection …
Summary: The Ukrainian Blackjack hacking group claims to have damaged emergency detection and response capabilities in Moscow and beyond using a destructive ICS malware called Fuxnet.
Threat Actor: Ukrainian Blackjack …
Update as of April 15:
The Blackjack hacker group reached out to Team82 following publication of this blog with some updates, in particular around Team82’s contention—based on our initial research …
1. Unsupervised Learning
An experienced cybersecurity expert, consultant and writer, Miessler takes a personal approach on his blog with an “about me” page …
Krebs on Security is a popular blog focused on in-depth security news and investigations. It’s authored by Brian Krebs, a well-known journalist in the field of cybersecurity. The site provides …
Summary: This content provides a list of security vulnerabilities and their severity levels in various Microsoft products and services.
Threat Actor: N/A
Victim: N/A
Key Point:
The content highlights multiple…
Summary: Cybersecurity researchers from Bitdefender discovered critical vulnerabilities in LG TVs running webOS versions 4 through 7, which could allow attackers to gain complete control over the TV, steal data, …
In this report, we will conduct a comprehensive analysis of Gafgyt, which is an ELF malware. Our aim is to examine the malware’s capabilities and determine its functions:
DDoS Attack…
This blog discusses the Darktrace Threat Research team’s investigation into Raspberry Robin, an evasive worm that is primarily distributed through infected USB drives. Once it has gained access to a …
Threat management is a process that is used by cybersecurity analysts, incident responders and threat hunters to prevent cyberattacks, detect cyberthreats and respond to security incidents.…
🤖 AI’s Growing Importance: The significance of artificial intelligence in cybersecurity continues to grow, emphasizing its role in both enhancing security measures and posing new threats.
🔑 Shift from Passwords …
Summary: Apps found on Google Play are turning devices into proxy network nodes without users’ knowledge, posing a security risk.
Key Point: 🔒 Apps with hidden proxy network functionality are …
Summary: TheMoon malware infects thousands of ASUS routers in a short period, serving as a proxy for cybercriminals.
Key Point: 🔒 TheMoon malware targets outdated ASUS routers for …
Summary: The GEOBOX tool on the Dark Web allows hackers to manipulate GPS, simulate networks, mimic Wi-Fi, and evade anti-fraud filters using Raspberry Pi devices.
Key Point: …
The Black Lotus Labs team at Lumen Technologies has identified a multi-year campaign targeting end-of-life (EoL) small home/small office (SOHO) routers and IoT devices, associated with an updated …
Earlier last week, I ran into a sample that turned out to be PureCrypter, a loader and obfuscator for all different kinds of malware such as Agent Tesla and …