NetSpi Technical

MARCH 11, 2024

This blog will cover how we discovered CVE-2024-21378 and weaponized it by modifying Ruler , an Outlook penetration testing tool published by SensePost. In late 2015, Nick Landers, Co-Founder of Dreadnode, published a blog on the abuse of Outlook Rules for RCE. are displayed through a form structure in an “inspector window”.

Authentication 145

Authentication Penetration Testing Technology Phishing 145

Security Boulevard

MARCH 12, 2024

The goal is to eliminate a broad class of software defects that make up to 70 percent of all vulnerabilities, according to researchers at Microsoft and Google. The post A Faster Path to Memory Safety: CHERI, Memory Tagging, and Control Flow Integrity appeared first on Security Boulevard.

Software 59

Software 59

The Hacker News

JANUARY 26, 2021

Google on Monday disclosed details about an ongoing campaign carried out by a government-backed threat actor from North Korea that has targeted security researchers working on vulnerability research and development.

Media 98

Media Internet Internet Government 98

SecureWorld News

JANUARY 26, 2021

Security researchers are some of the unsung heroes within the cybersecurity field. Google's Threat Analysis Group (TAG) has been working for several months to try to identify who is behind an ongoing campaign targeting security researchers, specifically those who work on vulnerability research and development at a variety of organizations.

Social Engineering 89

Social Engineering Engineering Accountability Malware 89

Heimadal Security

OCTOBER 19, 2021

The accounts under discussion are @lagal1990 and @shiftrows13 working as bait for security researchers with the final goal to make them download malware. The ones who initially discovered this campaign that is still developing were the TAG […].

Accountability 88

Accountability Malware Cybersecurity 88

Security Affairs

MARCH 18, 2022

Google’s TAG team revealed that China-linked APT groups are targeting Ukraine’s government for intelligence purposes. Below is the tweet published by TAG chief, Shane Huntley, who cited the Google TAG Security Engineer Billy Leonard. We will continue to update our recent blog as necessary. ” wrote Leonard.

Government 93

Government Engineering Phishing Hacking 93

Security Affairs

JANUARY 26, 2021

Google TAG is warning that North Korea-linked hackers targeting security researchers through social media. Google Threat Analysis Group (TAG) is warning that North Korea-linked hackers targeting security researchers through social media. ” reads the TAG’s report. ” reads the TAG’s report.

Media 84

Media Social Engineering Engineering Accountability 84

Security Affairs

NOVEMBER 28, 2021

North Korea-linked APT group posed as Samsung recruiters is a spear-phishing campaign that targeted South Korean security companies that sell anti-malware solutions, Google TAG researchers reported. Google TAG researchers reported that the same group, tracked as Zinc ,” also targeted security researchers in past campaigns.

Malware 117

Malware Phishing Antivirus Hacking 117

Malwarebytes

MARCH 22, 2023

Recently, while reading a blog post from security vendor Akamai, we spotted a similar situation. In this blog post, we show how the newly found Kritec skimmer was found along side one of its competitors. that the skimmer was using WebSockets and is the same one as described in Akamai's blog. They also list nebiltech[.]shop

68

68

Security Affairs

APRIL 17, 2023

Google Threat Analysis Group (TAG) team reported that the China-linked APT41 group used the open-source red teaming tool Google Command and Control ( GC2 ) in an attack against an unnamed Taiwanese media organization. The researchers highlighted some key threat trends by China-linked APT groups. ” continues the report.

Media 90

Media Accountability Government Malware 90

Security Affairs

MARCH 31, 2021

Researchers from Google’s Threat Analysis Group (TAG) reported that North Korea-linked hackers are targeting security researchers via social media. ” reads the post published by Google TAG. ” reads the post published by Google TAG.

Media 87

Media Antivirus Accountability Internet 87

Security Affairs

MAY 23, 2022

Researchers from SEKOIA.IO SEKOIA researchers started their investigation after the publication of Google’s Threat Analysis Group (TAG)’s report “ Update on cyber activity in Eastern Europe ” which detailed the activity of nation-state actors against Eastern Europe. org jadlactnato.webredirect[.]org. Pierluigi Paganini.

Government 110

Government Hacking Cybersecurity Information Security 110

Security Affairs

APRIL 6, 2023

Google’s Threat Analysis Group (TAG) warns of a North Korea-linked cyberespionage group tracked as ARCHIPELAGO. TAG believes that the ARCHIPELAGO group is a subset of a threat actor tracked by Mandiant as APT43. ” reads the analysis published by Google TAG.

Phishing 76

Phishing Media Passwords Malware 76

Security Boulevard

SEPTEMBER 1, 2021

<a href='/blog?tag=Cybersecurity'>Cybersecurity</a> tag=Cybersecurity'>Cybersecurity</a> <a href='/blog?tag=Ransomware'>Ransomware</a> tag=Ransomware'>Ransomware</a> <a href='/blog?tag=Cyber-attacks'>Cyber-attacks</a> Additional Resources.

Digital transformation 145

Digital transformation Cybersecurity Cyber threats IoT 145

Security Boulevard

MARCH 19, 2021

<a href='/blog?tag=Inbound tag=Inbound Threats'>Inbound Threats</a> <a href='/blog?tag=File tag=File Transfers'>File Transfers</a> <a href='/blog?tag=Email Blog: 2020 – A Transformation Year in Cybersecurity On-Demand Webinar: Is Your Remote Workforce a Top Security Risk? .

Cybersecurity 119

Cybersecurity CISO Social Engineering Technology 119

Security Affairs

MARCH 29, 2023

Google’s Threat Analysis Group (TAG) discovered several exploit chains targeting Android, iOS, and Chrome to install commercial spyware. Google’s Threat Analysis Group (TAG) shared details about two distinct campaigns which used several zero-day exploits against Android, iOS and Chrome. links sent over SMS to users.

Spyware 81

Spyware Surveillance Firmware Internet 81

Security Affairs

APRIL 8, 2023

Mandiant researchers first observed this affiliate targeting Veritas issues in the wild on October 22, 2022. The CVE-2023-26083 flaw in the Arm Mali GPU driver is chained with other issues to install commercial spyware, as reported by Google’s Threat Analysis Group (TAG) in a recent report.

Backups 76

Backups Spyware Ransomware Education 76

Security Boulevard

MARCH 17, 2021

<a href='/blog?tag=Cybersecurity'>Cybersecurity</a> tag=Cybersecurity'>Cybersecurity</a> <a href='/blog?tag=Data tag=Data Loss Prevention'>Data Loss Prevention</a> <a href='/blog?tag=IT Request a Demo. Additional Resources. Featured: .

Data breaches 144

Data breaches Ransomware Financial Services CISO 144

Security Boulevard

FEBRUARY 16, 2023

By John Masserini, Senior Research Analyst, TAG Cyber As more and more enterprises move towards modernizing their infrastructures and solidifying their new, post-pandemic business models, unexpected attack vectors have emerged.

72

72

Security Affairs

JANUARY 29, 2021

Microsoft, like Google TAG, observed a cyber espionage campaign aimed at vulnerability researchers that attributed to North Korea-linked Zinc APT group. Researchers from Microsoft monitored a cyber espionage campaign aimed at vulnerability researchers and attributed the attacks to North Korea-linked Zinc APT group.

Malware 107

Malware Antivirus Hacking Accountability 107

Security Boulevard

DECEMBER 12, 2023

Two of the four HotNews Notes are updates on a critical OS Command Injection vulnerability in IS-OIL that was reported to SAP by the Onapsis Research Labs earlier this year. SAP Security Note #3350297 , tagged with a CVSS score of 9.1, The New HotNews Note in Detail SAP Security Note #3411067 , tagged with a CVSS score of 9.1,

Passwords 52

Passwords Technology Mobile Government 52

eSecurity Planet

MARCH 16, 2023

According to Crowdstrike researchers , 40 percent of the patched vulnerabilities are remote code execution flaws, down from 48 percent last month; 31 percent are elevation of privilege flaws, up from almost 16 percent last month; and 22 percent are information disclosure flaws, up from 10 percent last month.

Energy and Utilities 98

Energy and Utilities Authentication Firewall Engineering 98

Security Boulevard

JANUARY 9, 2024

affected Onapsis Research Labs Contribution —Our team supported SAP in patching an In Disclosure vulnerability in SAP ICM and SAP Web Dispatcher The new SAP Security year has started with 12 new and updated SAP Security Notes, including three HotNews Notes and four High Priority Notes. SAP has released the version 8.9.13

Internet 52

Internet Internet Marketing Technology 52

Security Affairs

APRIL 15, 2023

The Goldoson library was discovered by researchers from McAfee’s Mobile Research Team, it collects lists of applications installed on a device, and a history of Wi-Fi and Bluetooth devices information, including nearby GPS locations. ” reads the analysis published by the security firm.

Data collection 91

Data collection Mobile Malware Education 91

Security Boulevard

FEBRUARY 21, 2024

But we’re also the only major Protective DNS provider that also offers a world-class threat intelligence solution for threat investigators, fraud researchers, and sensitive law enforcement and agency work. Part 1 of this 2-part blog highlights some of the latest improvements with HYAS Insight. What about a longer time horizon, you ask?

DNS 49

DNS Malware Engineering Cybersecurity 49

Malwarebytes

MARCH 18, 2022

The Google Threat Analysis Group (TAG) has shared their observations about a group of cybercriminals called Exotic Lily. Among these interested parties TAG found the Conti and Diavol ransomware groups. From the TAG blog we can learn that Exotic Lily was very much specialized. Initial access broker. Exotic Lily.

Ransomware 90

Ransomware Malware Social Engineering Media 90

Security Boulevard

FEBRUARY 3, 2021

<a href='/blog?tag='></a> tag='></a> <a href='/blog?tag='></a> tag='></a> <a href='/blog?tag='></a> tag='></a> 2020 was a year of unprecedented challenge for anyone working in public sector cybersecurity. Featured: .

Cybersecurity 78

Cybersecurity Digital transformation Cyber threats Ransomware 78

Security Affairs

APRIL 9, 2022

Recorded Future’s Insikt Group researchers uncovered a campaign conducted by a China-linked threat actor targeting Indian power grid organizations. The security firm is tracking this cluster of malicious activities under the moniker Threat Activity Group 38 aka TAG-38. ” reads the advisory published by Recorded Future.

Hacking 78

Hacking Technology Cybersecurity Information Security 78

Security Boulevard

JUNE 13, 2023

This month, the Onapsis Research Labs contributed to fixing one vulnerability that affects the Transport Management System and can lead to a Denial of Service. This note is tagged with a CVSS score of 7.9. Updates in previously released High Priority SAP Security Notes SAP Security Note #3326210 , tagged with a CVSS score of 7.1,

Manufacturing 52

Manufacturing Phishing Authentication 52

Security Affairs

DECEMBER 1, 2021

VirusTotal announced VirusTotal Collections, a new service that allows security researchers to share sets of Indicators of Compromise (IoCs). VirusTotal announced VirusTotal Collections, a new service that allows threat researchers to share Indicators of Compromise (IoCs). ” reads the announcement published by Virus Total.

Hacking 89

Hacking Information Security Malware 89

Malwarebytes

APRIL 3, 2023

Researchers at Orca Security disclosed how they found a remote code execution vulnerability in Azure Service Fabric Explorer. The researcher’s story is interesting as it shows that it is possible to find new Cross-Site Scripting (XSS) vulnerabilities in weathered and complex systems like Azure.

Authentication 85

Authentication Risk Cybersecurity 85

SC Magazine

JUNE 17, 2021

Researchers on Thursday reported that hackers are using standard tools within Google Docs/Drive to lead unsuspecting victims to fraudulent websites, stealing credentials in the process. In a blog post, Avanan said hackers are bypassing static link scanners by hosting their attacks on publicly-known services. brionv, CC BY-SA 2.0

Phishing 110

Phishing Social Engineering Engineering CISO 110

Google Security

FEBRUARY 10, 2022

Throughout 2021, we partnered with the security researcher community to identify and fix thousands of vulnerabilities – helping keep our users and the internet safe. We also launched bughunters.google.com in 2021, a public researcher portal dedicated to keeping Google products and the internet safe and secure. We now offer swag !

Internet 144

Internet Internet Manufacturing Hacking 144

Malwarebytes

JANUARY 23, 2023

Researchers have successfully dismantled a massive ad fraud campaign they stumbled upon by accident. The researchers said they came across the VASTFLUX operation while investigating a different ad fraud scheme. Researchers said VASTFLUX exploited apps that run ads, particularly on iOS.

Adware 84

Adware Advertising Marketing Encryption 84

NopSec

JANUARY 31, 2024

The research leaves off on a cliff-hanger though, just like this intro. Microsoft Windows XAML Privilege Escalation CVE-2023-36003 Researchers have stumbled across a privilege escalation vulnerability that impacts Microsoft Windows. Specifically, the researcher found that the issue was rooted in the InitializeXamlDiagnosticsEx API.

VPN 59

VPN Government Risk Hacking 59

NetSpi Technical

MARCH 11, 2024

This blog will cover how we discovered CVE-2024-21378 and weaponized it by modifying Ruler , an Outlook penetration testing tool published by SensePost. In late 2015, Nick Landers, Co-Founder of Dreadnode, published a blog on the abuse of Outlook Rules for RCE. are displayed through a form structure in an “inspector window”.

Authentication 52

Authentication Penetration Testing Technology Phishing 52

Thales Cloud Protection & Licensing

APRIL 17, 2024

Security researchers from Imperva described in a blog called XSS Marks the Spot: Digging Up Vulnerabilities in ChatGPT how they discovered multiple security vulnerabilities in OpenAI’s ChatGPT that, if exploited, would enable bad actors to hijack a user’s account.

Risk 71

Risk Data collection Artificial Intelligence Accountability 71