DATE |
NAME |
Info |
CATEG. |
WEB |
25.5.24 |
Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign
Leverages Rare Tool Set to Target Governmental Entities in the Middle
East, Africa and Asia |
A Chinese advanced persistent threat (APT) group has been conducting an
ongoing campaign, which we call Operation Diplomatic Specter. |
APT blog |
Palo Alto |
25.5.24 |
BAD KARMA, NO JUSTICE: VOID MANTICORE DESTRUCTIVE ACTIVITIES IN ISRAEL |
Void Manticore is an Iranian threat actor affiliated with the Ministry
of Intelligence and Security (MOIS). They carry out destructive wiping
attacks combined with influence operations. |
APT blog |
Checkpoint |
25.5.24 |
SHARP DRAGON EXPANDS TOWARDS AFRICA AND THE CARIBBEAN |
Sharp Dragon’s (Formerly referred to as Sharp Panda) operations
continue, expanding their focus now to new regions – Africa and the
Caribbean. |
APT blog |
Checkpoint |
25.5.24 |
From trust to trickery: Brand impersonation over the email attack vector |
Cisco recently developed and released a new feature to detect brand
impersonation in emails when adversaries pretend to be a legitimate
corporation. |
Hacking blog |
Cisco Blog |
25.5.24 |
Mandatory reporting for ransomware attacks? – Week in security with Tony
Anscombe |
As the UK mulls new rules for ransomware disclosure, what would be the
wider implications of such a move, how would cyber-insurance come into
play, and how might cybercriminals respond? |
Ransom blog |
Eset |
25.5.24 |
Introducing Nimfilt: A reverse-engineering tool for Nim-compiled
binaries |
Available as both an IDA plugin and a Python script, Nimfilt helps to
reverse engineer binaries compiled with the Nim programming language
compiler by demangling package and function names, and applying structs
to strings |
Malware blog |
Eset |
25.5.24 |
What happens when AI goes rogue (and how to stop it) |
As AI gets closer to the ability to cause physical harm and impact the
real world, “it’s complicated” is no longer a satisfying response |
AI blog |
Eset |
25.5.24 |
Untangling the hiring dilemma: How security solutions free up HR
processes |
The prerequisites for becoming a security elite create a skills ceiling
that is tough to break through – especially when it comes to hiring
skilled EDR or XDR operators. |
Security blog |
Eset |
18.5.24 |
Payload Trends in Malicious OneNote Samples |
In this post, we look at the types of embedded payloads that attackers
leverage to abuse Microsoft OneNote files. |
Malware blog |
Palo Alto |
18.5.24 |
Leveraging DNS Tunneling for Tracking and Scanning |
This article presents a case study on new applications of domain name
system (DNS) tunneling we have found in the wild. |
Hacking blog |
Palo Alto |
18.5.24 |
FOXIT PDF “FLAWED DESIGN” EXPLOITATION |
PDF (Portable Document Format) files have become an integral part of
modern digital communication. |
Exploit blog |
Checkpoint |
18.5.24 |
Talos releases new macOS open-source fuzzer |
Compared to fuzzing for software vulnerabilities on Linux, where most of
the code is open-source, targeting anything on macOS presents a few
difficulties. |
OS Blog |
Cisco Blog |
18.5.24 |
Only one critical vulnerability included in May’s Microsoft Patch
Tuesday; One other zero-day in DWN Core |
The lone critical security issue is CVE-2024-30044, a remote code
execution vulnerability in SharePoint Server. |
Vulnerability blog |
Cisco Blog |
18.5.24 |
Talos joins CISA to counter cyber threats against non-profits, activists
and other at-risk communities |
Commercial spyware tools can threaten democratic values by enabling
governments to conduct covert surveillance on citizens, undermining
privacy rights and freedom of expression. |
BigBrother blog |
Cisco Blog |
18.5.24 |
Rounding up some of the major headlines from RSA |
Here’s a rundown of some things you may have missed if you weren’t able
to stay on top of the things coming out of the conference. |
Cyber blog |
Cisco Blog |
18.5.24 |
A new alert system from CISA seems to be effective — now we just need
companies to sign up |
Under a pilot program, CISA has sent out more than 2,000 alerts to
registered organizations regarding the existence of any unpatched
vulnerabilities in CISA’s KEV catalog. |
Vulnerability blog |
Cisco Blog |
18.5.24 |
The who, where, and how of APT attacks – Week in security with Tony
Anscombe |
This week, ESET experts released several research publications that
shine the spotlight on a number of notable campaigns and broader
developments on the threat landscape |
APT blog |
Eset |
18.5.24 |
To the Moon and back(doors): Lunar landing in diplomatic missions |
ESET researchers provide technical analysis of the Lunar toolset, likely
used by the Turla APT group, that infiltrated a European ministry of
foreign affairs |
APT blog |
Eset |
18.5.24 |
Ebury is alive but unseen: 400k Linux servers compromised for
cryptocurrency theft and financial gain |
One of the most advanced server-side malware campaigns is still growing,
with hundreds of thousands of compromised servers, and it has
diversified to include credit card and cryptocurrency theft |
Cryptocurrency blog |
Eset |
18.5.24 |
ESET APT Activity Report Q4 2023–Q1 2024 |
An overview of the activities of selected APT groups investigated and
analyzed by ESET Research in Q4 2023 and Q1 2024 |
APT blog |
Eset |
11.5.24 |
Talos discloses multiple zero-day vulnerabilities, two of which could
lead to code execution |
Two vulnerabilities in this group — one in the Tinyproxy HTTP proxy
daemon and another in the stb_vorbis.c file library — could lead to
arbitrary code execution, earning both issues a CVSS score of 9.8 out of
10. |
Vulnerability blog |
Cisco Blog |
11.5.24 |
How to talk about climate change – and what motivates people to action:
An interview with Katharine Hayhoe |
We spoke to climate scientist Katharine Hayhoe about intersections
between climate action, human psychology and spirituality, and how to
channel anxiety about the state of our planet into meaningful action |
Security blog |
Eset |
11.5.24 |
In it to win it! WeLiveSecurity shortlisted for European Security
Blogger Awards |
We’re thrilled to announce that WeLiveSecurity has been named a finalist
in the Corporates – Best Cybersecurity Vendor Blog category of the
European Security Blogger Awards 2024 |
Security blog |
Eset |
11.5.24 |
It's a wrap! RSA Conference 2024 highlights – Week in security with Tony
Anscombe |
More than 40,000 security experts descended on San Francisco this week.
Let's now look back on some of the event's highlights – including the
CISA-led 'Secure by Design' pledge also signed by ESET |
Cyber blog |
Eset |
11.5.24 |
RSA Conference 2024: AI hype overload |
Can AI effortlessly thwart all sorts of cyberattacks? Let’s cut through
the hyperbole surrounding the tech and look at its actual strengths and
limitations. |
AI blog |
Eset |
11.5.24 |
How to inspire the next generation of scientists | Unlocked 403:
Cybersecurity podcast |
As Starmus Earth draws near, we caught up with Dr. Garik Israelian to
celebrate the fusion of science and creativity and venture where
imagination flourishes and groundbreaking ideas take flight |
Security blog |
Eset |
11.5.24 |
The hacker’s toolkit: 4 gadgets that could spell security trouble |
Their innocuous looks and endearing names mask their true power. These
gadgets are designed to help identify and prevent security woes, but
what if they fall into the wrong hands? |
Malware blog |
Eset |
4.5.24 |
It Was Not Me! Malware-Initiated Vulnerability Scanning Is on the Rise |
Our telemetry indicates a growing number of threat actors are turning to
malware-initiated scanning attacks. |
Malware blog |
Palo Alto |
4.5.24 |
Muddled Libra’s Evolution to the Cloud |
Unit 42 researchers have discovered that the Muddled Libra group now
actively targets software-as-a-service (SaaS) applications and cloud
service provider (CSP) environments. |
APT blog |
Palo Alto |
4.5.24 |
Vulnerabilities in employee management system could lead to remote code
execution, login credential theft |
Talos also recently helped to responsibly disclose and patch other
vulnerabilities in the Foxit PDF Reader and two open-source libraries
that support the processing and handling of DICOM files. |
Vulnerability blog |
Cisco Blog |
4.5.24 |
James Nutland studies what makes threat actors tick, growing our
understanding of the current APT landscape |
Nutland says he goes into every engagement or new project with a
completely open mind and a blank slate — using his background
investigating terror operations to find out as much as he can about a
particular adversary’s operation. |
APT blog |
Cisco Blog |
4.5.24 |
Pay up, or else? – Week in security with Tony Anscombe |
Organizations that fall victim to a ransomware attack are often caught
between a rock and a hard place, grappling with the dilemma of whether
to pay up or not |
Ransom blog |
Eset |
4.5.24 |
Adding insult to injury: crypto recovery scams |
Once your crypto has been stolen, it is extremely difficult to get back
– be wary of fake promises to retrieve your funds and learn how to avoid
becoming a victim twice over |
Spam blog |
Eset |
4.5.24 |
MDR: Unlocking the power of enterprise-grade security for businesses of
all sizes |
We spoke to Astronomy magazine editor-in-chief David Eicher about key
challenges facing our planet, the importance of space exploration for
humanity, and the possibility of life beyond Earth |
Security blog |
Eset |
4.5.24 |
How space exploration benefits life on Earth: Q&A with David Eicher |
The investigation uncovered at least 40,000 phishing domains that were
linked to LabHost and tricked victims into handing over their sensitive
details |
Phishing blog |
Eset |