Tag: advanced persistent threats
-
Hacker News: Spies Jumped from One Network to Another via Wi-Fi in an Unprecedented Hack
Source URL: https://www.wired.com/story/russia-gru-apt28-wifi-daisy-chain-breach/ Source: Hacker News Title: Spies Jumped from One Network to Another via Wi-Fi in an Unprecedented Hack Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a novel Wi-Fi hacking technique identified by cybersecurity researchers, particularly a type of attack dubbed the “nearest neighbor attack,” which allows hackers to…
-
Slashdot: Russian Spies Jumped From One Network To Another Via Wi-Fi
Source URL: https://mobile.slashdot.org/story/24/11/22/2331247/russian-spies-jumped-from-one-network-to-another-via-wi-fi?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Russian Spies Jumped From One Network To Another Via Wi-Fi Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a significant cybersecurity breach investigated by Veloxity, detailing how Russian hackers were able to daisy-chain multiple Wi-Fi networks to conduct sophisticated intrusions. This case study illustrates the evolving…
-
The Register: Russian spies use remote desktop protocol files in unusual mass phishing drive
Source URL: https://www.theregister.com/2024/10/30/russia_wrangles_rdp_files_in/ Source: The Register Title: Russian spies use remote desktop protocol files in unusual mass phishing drive Feedly Summary: The prolific Midnight Blizzard crew cast a much wider net in search of scrummy intel Microsoft says a mass phishing campaign by Russia’s foreign intelligence services (SVR) is now in its second week, and…
-
Cisco Talos Blog: Writing a BugSleep C2 server and detecting its traffic with Snort
Source URL: https://blog.talosintelligence.com/writing-a-bugsleep-c2-server/ Source: Cisco Talos Blog Title: Writing a BugSleep C2 server and detecting its traffic with Snort Feedly Summary: This blog will demonstrate the practice and methodology of reversing BugSleep’s protocol, writing a functional C2 server, and detecting this traffic with Snort. AI Summary and Description: Yes Summary: The text provides an in-depth…
-
The Register: VMware fixes critical RCE, make-me-root bugs in vCenter – for the second time
Source URL: https://www.theregister.com/2024/10/22/vmware_rce_vcenter_bugs/ Source: The Register Title: VMware fixes critical RCE, make-me-root bugs in vCenter – for the second time Feedly Summary: If the first patches don’t work, try, try again VMware has pushed a second patch for a critical, heap-overflow bug in the vCenter Server that could allow a remote attacker to fully compromise vulnerable…
-
The Register: Moscow-adjacent GoldenJackal gang strikes air-gapped systems with custom malware
Source URL: https://www.theregister.com/2024/10/09/goldenjackal_custom_malware/ Source: The Register Title: Moscow-adjacent GoldenJackal gang strikes air-gapped systems with custom malware Feedly Summary: USB sticks help, but it’s unclear how tools that suck malware from them are delivered A cyberespionage APT crew named GoldenJackal hacked air-gapped PCs belonging to government and diplomatic entities at least twice using two sets of…
-
Hacker News: European govt air-gapped systems breached using custom malware
Source URL: https://www.welivesecurity.com/en/eset-research/mind-air-gap-goldenjackal-gooses-government-guardrails/ Source: Hacker News Title: European govt air-gapped systems breached using custom malware Feedly Summary: Comments AI Summary and Description: Yes Summary: This text presents an extensive analysis of the GoldenJackal APT group’s cyberespionage activities, notably their attacks on air-gapped systems within governmental organizations in Europe. It introduces previously undocumented malware tools employed…
-
Cisco Talos Blog: CISA is warning us (again) about the threat to critical infrastructure networks
Source URL: https://blog.talosintelligence.com/threat-source-newsletter-oct-3-2024/ Source: Cisco Talos Blog Title: CISA is warning us (again) about the threat to critical infrastructure networks Feedly Summary: Despite what lessons we thought we learned from Colonial Pipeline, none of those lessons have been able to be put into practice. AI Summary and Description: Yes Summary: The text discusses current cybersecurity…
-
Hacker News: Windows 0-day was exploited by North Korea to install advanced rootkit
Source URL: https://arstechnica.com/security/2024/08/windows-0-day-was-exploited-by-north-korea-to-install-advanced-rootkit/ Source: Hacker News Title: Windows 0-day was exploited by North Korea to install advanced rootkit Feedly Summary: Comments AI Summary and Description: Yes Summary: The text highlights a critical Windows zero-day vulnerability (CVE-2024-38193) exploited by the North Korean hacking group Lazarus to install advanced rootkit malware (FudModule). This sophisticated attack allows the…
-
CSA: Avoiding Collapse in a Tech-Stacked World
Source URL: https://www.frontier-enterprise.com/tech-stacked-world-how-inaction-creates-fragile-defences/ Source: CSA Title: Avoiding Collapse in a Tech-Stacked World Feedly Summary: AI Summary and Description: Yes Summary: The text addresses the significant rise in cyber threats, highlighting a worrying gap between the increasing complexity of attacks and the preparedness of organizations to counter them. It underscores the necessity for enhanced cyber resilience…