Summary: A recently patched vulnerability in OpenAI’s ChatGPT app for macOS, known as SpAIware, could have allowed attackers to implant persistent spyware instructions in ChatGPT’s long-term memory feature, facilitating continuous data exfiltration across sessions. …
Threat Actor: SiegedSec | SiegedSec Victim: Telecom Company | Telecom Company Price: Unknown Exfiltrated Data Type: Sensitive Data
Key Points :
A key member of SiegedSec, known by the alias…
Short Summary:
This report by CYFIRMA investigates the infrastructure of the APT group “Transparent Tribe,” identifying command-and-control (C2) servers linked to the group. The investigation reveals the use of Mythic …
RNN Summary
Short Summary
The video discusses Recurrent Neural Networks (RNNs), a type of neural network designed to process sequences of data. RNNs utilize loops to incorporate information from previous …
Short Summary:
In the first half of 2024, Darktrace Threat Research observed multiple cyber attack campaigns targeting vulnerabilities in internet-facing systems, particularly focusing on Fortinet’s FortiClient EMS. A critical SQL …
Summary: Attackers are leveraging a new post-exploitation tool named Splinter to execute various malicious activities within compromised IT environments, including file theft and malware deployment. Despite being less advanced than …
Summary: A critical security flaw (CVE-2024-7490) in the Microchip Advanced Software Framework (ASF) could allow remote code execution due to a stack-based overflow vulnerability. Additionally, a severe zero-click vulnerability (CVE-2024-20017) …
Stream Summary
Summary of the Stream
The video discusses the PE file format, describing its structure and how it can be analyzed. The presenter shares insights from their vacation and …
Short Summary:
The article investigates the Sniper Dz phishing-as-a-service (PhaaS) platform, which has gained popularity among phishers targeting social media and online services. Over the past year, more than 140,000 …
Video Summary and Key Points
Summary of AFL Plus+ Fuzzing Overview
This video provides an overview of using AFL Plus+ for fuzz testing, with the presenter sharing personal experiences while …
Large Language Models Discussion Summary
Summary of the Discussion on Large Language Models
The discussion centers around the capabilities and security concerns of large language models, specifically ChatGPT. The speaker …
Short Summary:
A new cryptojacking campaign has been discovered, targeting Docker Engine API and capable of lateral movement to Docker Swarm, Kubernetes, and SSH servers. The threat actor utilizes Docker …
Threat analysts are monitoring a Russian-linked threat actor deploying domains for crypto scams targeting the US Presidential Election and major US tech brands. The scams promise fake cryptocurrency …
The video discusses how to pick an enterprise-grade foundation model, particularly focusing on IBM’s Granite Foundation models. It emphasizes evaluating models based on performance, cost-effectiveness, and trustworthiness, highlighting …
Threat Actor: Unknown | unknown Victim: China Natural Gas Group | China Natural Gas Group Price: Available for sale on dark web Exfiltrated Data Type: Personal information, ID cards
Key …
Short Summary:
The article discusses the emergence of the Necro Trojan, which has infected various popular applications, including modified versions and those available on Google Play. The Trojan employs advanced …
Victim: savannahcandy.com Country : US Actor: ransomhub Source: http://ransomxifxwc5eteopdobynonjctkxxvap77yqifu2emfbecgbqdw6qd.onion/c8de2573-68c7-47ae-bb00-3a7d3d858392/ Discovered: 2024-09-21 14:36:42.724735 Published: 2024-09-21 12:45:05.000000 Description : Savannah Candy Kitchen, found at savannahcandy.com, is renowned for its Southern confections, particularly …
Video Summary and Key Points
Video Summary
The video discusses a self-penetration test being conducted by the host, highlighting various tools and techniques used in ethical hacking. The host shares …
Summary: Recent research from Datadog Security Labs highlights a security vulnerability in Microsoft Entra ID, where administrative units (AUs) can be exploited by attackers to create persistent backdoor access within …
Victim: Omega Industries Country : US Actor: play Source: http://k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion/topic.php?id=cO2MInMpVbOwZo Discovered: 2024-09-20 23:41:11.980116 Published: 2024-09-20 23:41:11.122181 Description : United States
Ransomware Victims – ALL Other Victims by play
Victim: Omega…
Victim: Messe C Country : DK Actor: play Source: http://k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion/topic.php?id=IY58xXG5w9oWqN Discovered: 2024-09-20 23:47:15.226223 Published: 2024-09-20 23:47:14.834012 Description : Denmark
Ransomware Victims – ALL Other Victims by play
Ransomware Activity Overview…
Summary: Cybersecurity researchers at Darktrace have reported on the exploitation of Fortinet’s FortiClient Enterprise Management Server (EMS) through a critical SQL injection vulnerability (CVE-2023-48788), allowing attackers to gain unauthorized access …
Summary: Researchers from Lumen’s Black Lotus Labs have identified a new botnet named Raptor Train, primarily composed of compromised SOHO and IoT devices, believed to be controlled by the China-linked …
The discussion revolves around the advancements in AI models, particularly focusing on the newly released model “Strawberry” with enhanced reasoning capabilities through chain of thought and reinforcement learning. The …
Threat Actor: Deathnote Hackers | Deathnote Hackers Victim: Villar Group of Companies | Villar Group of Companies Price: N/A Exfiltrated Data Type: Sensitive personal and corporate information
Key Points : …
Short Summary:
Medusa is a Ransomware-as-a-Service (RaaS) targeting Windows environments, active since June 2021. It gained attention in early 2023 with the launch of its Dedicated Leak Site. Medusa spreads …
Victim: Sunrise Farms Country : CA Actor: fog Source: http://xbkv2qey6u3gd3qxcojynrt4h5sgrhkar6whuo74wo63hijnn677jnyd.onion/posts/66ec5ad9ffa6d0708588b6ba/ Discovered: 2024-09-19 17:58:39.433800 Published: 2024-09-19 17:58:38.513760 Description : 30 GB
Ransomware Victims – ALL Other Victims by fog
Ransomware Gang …
Victim: palmfs.com Country : US Actor: ElDorado Source: Discovered: 2024-09-19 19:46:48.160274 Published: 2024-09-19 19:46:46.148402 Description : Palmfs.com is a company specializing in advanced data storage solutions. It offers innovative file …
The SonicWall Capture Labs threat research team has identified a critical zero-click vulnerability, CVE-2024-20017, affecting MediaTek Wi-Fi chipsets. This vulnerability allows remote code execution without user interaction and …
Summary: Microsoft has identified a financially motivated threat actor named Vanilla Tempest, which is using a ransomware strain called INC to target the U.S. healthcare sector for the first time. …
Threat Actor: Handala | Handala Victim: Israeli Industrial Batteries (IIB) | Israeli Industrial Batteries (IIB) Price: Not specified Exfiltrated Data Type: 6 TB of sensitive data
Key Points :
Handala…
Short Summary:
This article discusses the discovery of a new post-exploitation red team tool called Splinter, identified on customer systems through Advanced WildFire’s memory scanning tools. It highlights the importance …
Summary: Ransomware gangs like BianLian and Rhysida are increasingly utilizing Microsoft’s Azure Storage Explorer and AzCopy to exfiltrate data from compromised networks and store it in Azure Blob storage. This …
Threat Actor: LinkedIn | LinkedIn Victim: Users | LinkedIn users Price: N/A Exfiltrated Data Type: User-generated content
Key Points :
LinkedIn updated its privacy policy to include user data collection…
Threat Actor: Unknown | unknown Victim: Major Chinese Oil Company | Major Chinese Oil Company Price: Not disclosed Exfiltrated Data Type: Personal and corporate information
Key Points :
A threat…
Victim: Compass Group Country : AU Actor: medusa Source: http://cx5u7zxbvrfyoj6ughw76oa264ucuuizmmzypwum6ear7pct4yc723qd.onion/detail?id=6b45979ab21db21d5520812322c8c35a Discovered: 2024-09-18 13:58:43.957138 Published: 2024-09-17 09:15:45.000000 Description : Compass Group is Australia’s largest food and support services company, driving …
The Summer Intelligence Insights report by Securonix Threat Labs highlights significant cyber threats identified over the last three months, including phishing campaigns, cyber-espionage efforts, and ransomware attacks. The …
Threat Actor: Unknown | unknown Victim: DATASUS and DETRAN | DATASUS and DETRAN Price: Not disclosed Exfiltrated Data Type: Personal details, vehicle information
Key Points :
Over 185 million records…
Short Summary:
In May 2024, a targeted cyber campaign was detected in Italy, utilizing a new Remote Access Trojan (RAT) named SambaSpy. The campaign featured a sophisticated infection chain that …
Summary: A Chinese national, Wu Song, has been indicted for a phishing campaign targeting U.S. academics and engineers to steal software developed for NASA, which could have military applications. The …
Short Summary:
The article discusses the sophisticated cyber operations conducted by DPRK-affiliated threat groups, particularly focusing on their use of social engineering tactics and Python programming for initial access to …
In mid-2023, Black Lotus Labs uncovered a significant botnet named “Raptor Train,” believed to be operated by the Chinese threat actors known as Flax Typhoon. This botnet has …
Summary: Strider Technologies, a strategic intelligence startup, has raised $55 million in Series C funding to enhance its AI-driven intelligence services, particularly for government and international sectors. The investment aims …
Summary: A Russian media outlet, RT, is accused of conducting covert influence operations globally, supported by a cyber unit linked to Russian intelligence, which aids in military procurement and information …