Hacking and Security Intelligence - Cyber Security Informer

DEF CON 31 Packet Hacking Village – Mike Raggo’s, Chet Hosmer’s ‘OSINT for Physical Security Intelligence’

Security Boulevard

NOVEMBER 3, 2023

Permalink The post DEF CON 31 Packet Hacking Village – Mike Raggo’s, Chet Hosmer’s ‘OSINT for Physical Security Intelligence’ appeared first on Security Boulevard. Originating from the conference events at Caesars Forum, Flamingo, Harrah’s and Linq in Las Vegas, Nevada ; via the organizations YouTube channel.

Security Intelligence

Security Intelligence Hacking Architecture Education

Black Hat Fireside Chat: The impactful role crowdsourced security intelligence must play

The Last Watchdog

SEPTEMBER 13, 2023

Sharing intel for a greater good Now one distinctive type of crowdsourcing — ethical hacking – is positioned to become a much more impactful component of securing modern networks. From Kickstarter to Wikipedia, crowdsourcing has become a part of everyday life.

Security Intelligence

Security Intelligence Marketing Risk Internet

“BriansClub” Hack Rescues 26M Stolen Cards

Krebs on Security

OCTOBER 15, 2019

“ BriansClub ,” one of the largest underground stores for buying stolen credit card data, has itself been hacked. That’s according to an analysis by Flashpoint , a security intelligence firm based in New York City. Correct subject would be the data center was hacked. HACKING BACK? BRIANS CHAT.

Hacking

Hacking Cybercrime Marketing Banking

Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers

Security Affairs

JANUARY 11, 2022

The ransomware gang started its operations on December 27, 2021, and has already hacked the corporate networks of two organizations from Bangladesh and Japan respectively. link] — Microsoft Security Intelligence (@MsftSecIntel) January 11, 2022. — Microsoft Security Intelligence (@MsftSecIntel) January 11, 2022.

Ransomware

Ransomware Hacking Internet Internet

Russian hackers use PowerShell USB malware to drop backdoors

Bleeping Computer

JUNE 15, 2023

The Russian state-sponsored hacking group Gamaredon (aka Armageddon, or Shuckworm) continues to target critical organizations in Ukraine's military and security intelligence sectors, employing a refreshed toolset and new infection tactics. [.]

Security Intelligence

Security Intelligence Malware Hacking

Microsoft warns of attacks targeting MSSQL servers using the tool sqlps

Security Affairs

MAY 18, 2022

Microsoft warns of a new hacking campaign aimed at MSSQL servers, threat actors are launching brute-forcing attacks against poorly protected instances. pic.twitter.com/Tro0NfMD0j — Microsoft Security Intelligence (@MsftSecIntel) May 17, 2022. — Microsoft Security Intelligence (@MsftSecIntel) May 17, 2022.

Security Intelligence

Security Intelligence Hacking Accountability Malware

A long-running cryptomining campaign conducted by 8220 hackers now targets Linux servers

Security Affairs

JULY 1, 2022

Microsoft Security Intelligence experts are warning of a long-running campaign conducted by a cloud threat actor group, tracked as 8220, that is now targeting Linux servers to install crypto miners. — Microsoft Security Intelligence (@MsftSecIntel) June 29, 2022. SecurityAffairs – hacking, 8220).

Security Intelligence

Security Intelligence Malware Hacking Information Security

Microsoft Defender can now protect servers against ProxyLogon attacks

Security Affairs

MARCH 21, 2021

. “Today, we have taken an additional step to further support our customers who are still vulnerable and have not yet implemented the complete security update. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, Microsoft Defender). Pierluigi Paganini.

Antivirus

Antivirus Small Business Security Intelligence Hacking

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Security Affairs

DECEMBER 17, 2023

On December 6, The Akamai Security Intelligence Response Team (SIRT) published the first update to the InfectedSlurs advisory series. The security firm revealed that threat actors were exploiting a vulnerability, tracked as CVE-2023-49897 (CVSS score 8.0) and earlier. .

Firmware

Firmware Wireless DDOS IoT

Staying a Step Ahead of the Hack

Webroot

DECEMBER 11, 2020

As it turns out, it’s easier to hack our trust than our computers. Webroot Security Intelligence Director, Grayson Milbourne, offers several suggestions that companies can do to increase their security posture. The post Staying a Step Ahead of the Hack appeared first on Webroot Blog. Perfecting Your Posture.

Hacking

Hacking Social Engineering Engineering Phishing

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. SecurityAffairs – hacking, Zerologon). states Microsoft.

Cybercrime

Cybercrime Security Intelligence Authentication Banking

Finnish intelligence warns of Russia’s cyberespionage activities

Security Affairs

OCTOBER 3, 2022

The Finnish Security Intelligence Service ( SUPO ) warns Russia will highly likely intensify its cyber activity over the winter. The Finnish Security Intelligence Service ( Suojelupoliisi or SUPO ) warn of a highly likely intensification of cyberespionage activities conducted by Russia-linked threat actors over the winter.

Security Intelligence

Security Intelligence Manufacturing Cyber threats Accountability

Hackers are using Zerologon exploits in attacks in the wild

Security Affairs

SEPTEMBER 24, 2020

— Microsoft Security Intelligence (@MsftSecIntel) September 24, 2020. We strongly recommend customers to immediately apply security updates for CVE-2020-1472. We strongly recommend customers to immediately apply security updates for CVE-2020-1472. SecurityAffairs – hacking, ZeroLogon). Pierluigi Paganini.

Security Intelligence

Security Intelligence Authentication Advertising Passwords

South Korea claims North Koreans hacked Pfizer for COVID-19 vaccine data

SC Magazine

FEBRUARY 16, 2021

The National Intelligence Service in South Korea told a prominent lawmaker Tuesday that the North Koreans tried to steal data on COVID-19 vaccines by hacking Pfizer, one of the leading manufacturers in the global vaccination effort.

Hacking

Hacking Manufacturing Healthcare Technology

STRRAT RAT spreads masquerading as ransomware

Security Affairs

MAY 20, 2021

Microsoft Security Intelligence researchers uncovered a malware campaign that is spreading a remote access trojan (RAT) tracked as STRRAT. pic.twitter.com/mGow2sJupN — Microsoft Security Intelligence (@MsftSecIntel) May 19, 2021. SecurityAffairs – hacking, STRRAT RAT). Pierluigi Paganini.

Ransomware

Ransomware Malware Encryption Security Intelligence

Sysrv-K, a new variant of the Sysrv botnet includes new exploits

Security Affairs

MAY 15, 2022

Microsoft Security Intelligence team Microsoft reported that a new variant of the Sysrv botnet, tracked as Sysrv-K, now includes exploits for vulnerabilities in the Spring Framework and WordPress. — Microsoft Security Intelligence (@MsftSecIntel) May 13, 2022. SecurityAffairs – hacking, Sysrv botnet).

Security Intelligence

Security Intelligence Malware Architecture Backups

New InfectedSlurs Mirai-based botnet exploits two zero-days

Security Affairs

NOVEMBER 22, 2023

In October, Akamai’s Security Intelligence Response Team (SIRT) noticed an anomalous activity to the company’s honeypots targeting a rarely used TCP port. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, botnet)

DDOS

DDOS Wireless Security Intelligence Authentication

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Security Affairs

FEBRUARY 2, 2020

pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. pic.twitter.com/1qnx3NmwiB — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. Pierluigi Paganini.

Malware

Malware Security Intelligence Banking Phishing

Russia-linked Nobelium APT targets orgs in the global IT supply chain

Security Affairs

OCTOBER 25, 2021

The recent large scale campaign uncovered by Microsoft aimed at the service providers was uncovered by Microsoft researchers, in order to avoid detection, threat actors repetitively changed tactics and used a broad range of hacking tools and malware. SecurityAffairs – hacking, cyber security). Pierluigi Paganini.

Telecommunications

Telecommunications Technology Hacking Malware

Cybercrime gang FIN7 returned and was spotted delivering Clop ransomware

Security Affairs

MAY 20, 2023

Researchers at Microsoft Security Intelligence team published a series of tweets to warn of a new wave of attacks aimed at distributing the Clop ransomware and linked it to the financially motivated cybercriminal group Sangria Tempest (ELBRUS, FIN7 ).

Cybercrime

Cybercrime Ransomware Security Intelligence Hacking

Microsoft warns of “massive campaign” using COVID-19 themed emails

Security Affairs

MAY 22, 2020

Experts from the Microsoft Security Intelligence team provided some details on a new “massive campaign” using COVID-19 themed emails. Researchers from the Microsoft Security Intelligence team provided some details on a new massive phishing campaign using COVID-19 themed emails. macros in malware campaigns.

Security Intelligence

Security Intelligence Advertising Phishing Malware

Chinese Cyber Threat to Indian Defense and Telecom Sector

CyberSecurity Insiders

JUNE 18, 2021

Recorded Future that offers Enterprise Security Intelligence to American companies has revealed that there has been a persistent cyber threat to Indian Defense and Telecom sector from Chinese Military Intelligence since 2014.

Cyber threats

Cyber threats Security Intelligence Media Malware

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

Security Affairs

AUGUST 15, 2022

Microsoft disrupted a hacking operation linked conducted by Russia-linked APT SEABORGIUM aimed at NATO countries. Microsoft has disrupted activity by SEABORGIUM, a Russia-based actor launching persistent phishing, credential and data theft, intrusions, and hack-and-leak campaigns tied to espionage. SecurityAffairs – hacking, NATO).

Phishing

Phishing Accountability Hacking Surveillance

French Firms Rocked by Kasbah Hacker?

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. com , an Arabic-language computer hacking forum. 001 for his security research and bug hunting.

DNS

DNS Penetration Testing Malware Hacking

A new Magecart campaign hides the malicious code in 404 error page

Security Affairs

OCTOBER 12, 2023

Researchers from the Akamai Security Intelligence Group uncovered a Magecart web skimming campaign that is manipulating the website’s default 404 error page to hide malicious code. Researchers observed a new Magecart web skimming campaign changing the websites’ default 404 error page to steal credit cards.

Retail

Retail Security Intelligence Hacking Software

Microsoft warns about ongoing PonyFinal ransomware attacks

Security Affairs

MAY 27, 2020

pic.twitter.com/Q3BMs7fSvx — Microsoft Security Intelligence (@MsftSecIntel) May 27, 2020. Learn how to build organizational security hygiene to prevent human-operated attacks: [link] — Microsoft Security Intelligence (@MsftSecIntel) May 27, 2020. SecurityAffairs – Ponyfinal ransomware, hacking).

Ransomware

Ransomware Security Intelligence Encryption Advertising

Anubis, a new info-stealing malware spreads in the wild

Security Affairs

AUGUST 27, 2020

— Microsoft Security Intelligence (@MsftSecIntel) August 26, 2020. SecurityAffairs – hacking, malware). The post Anubis, a new info-stealing malware spreads in the wild appeared first on Security Affairs. The new malware shares a name with an unrelated family of Android banking malware. Pierluigi Paganini.

Malware

Malware Advertising Cryptocurrency Cybercrime

Office 365 phishing campaign uses redirector URLs and detects sandboxes to evade detection

Security Affairs

NOVEMBER 18, 2020

pic.twitter.com/YpUVEfmlUH — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2020. — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2020. SecurityAffairs – hacking, Office 365). This unique subdomain is added to a set of base domains, typically compromised sites.

Phishing

Phishing Social Engineering Passwords Security Intelligence

A week in security (June 28 – June 4)

Malwarebytes

JULY 5, 2021

Researchers explore the insecure world of the subdomain (Source: Can i take your subdomain) Cyber insurance model is broken, consider banning ransomware payments (Source: The Register) How facial recognition solutions can safeguard the hybrid workplace (Source: Help Net Security) Capital One hacker faces fresh charges for 2019 hacking spree (Source: (..)

Cyber Insurance

Cyber Insurance Social Engineering Scams Insurance

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices. Researchers spotted an updated version of the KmsdBot botnet that is now targeting Internet of Things (IoT) devices.

IoT

IoT DDOS Architecture Internet

Organizations in aerospace and travel sectors under attack, Microsoft warns

Security Affairs

MAY 13, 2021

pic.twitter.com/aeMfUUoVvf — Microsoft Security Intelligence (@MsftSecIntel) May 11, 2021. pic.twitter.com/9r0OTmZQJb — Microsoft Security Intelligence (@MsftSecIntel) May 11, 2021. pic.twitter.com/9r0OTmZQJb — Microsoft Security Intelligence (@MsftSecIntel) May 11, 2021.

Security Intelligence

Security Intelligence Phishing Malware Hacking

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Security Affairs

NOVEMBER 11, 2022

Get TTPs and protection info: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 14, 2022. SecurityAffairs – hacking, Prestige ransomware). The post Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine appeared first on Security Affairs. Pierluigi Paganini.

Ransomware

Ransomware Telecommunications DNS Hacking

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Security Affairs

JANUARY 26, 2023

Microsoft has disrupted activity by SEABORGIUM, a Russia-based actor launching persistent phishing, credential and data theft, intrusions, and hack-and-leak campaigns tied to espionage.

Phishing

Phishing Media Hacking Education

SEO poisoning campaign aims at delivering RAT, Microsoft warns

Security Affairs

JUNE 14, 2021

— Microsoft Security Intelligence (@MsftSecIntel) June 11, 2021. pic.twitter.com/cBeTfteyGl — Microsoft Security Intelligence (@MsftSecIntel) June 11, 2021. — Microsoft Security Intelligence (@MsftSecIntel) June 11, 2021. SecurityAffairs – hacking, seo poisoning).

Antivirus

Antivirus Security Intelligence Malware Insurance

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Security Affairs

MARCH 12, 2021

This week, the independent security researcher Nguyen Jang published on GitHub a proof-of-concept tool to hack Microsoft Exchange servers. The availability of the exploit online was immediately noticed by several cyber security experts, including Marcus Hutchins. SecurityAffairs – hacking, Microsoft Exchange).

Cyber Attacks

Cyber Attacks Cybercrime Authentication Hacking

Microsoft found Shrootless bug in macOS that could bypass System Integrity Protection

Security Affairs

OCTOBER 28, 2021

Get details: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 28, 2021. System Integrity Protection (also referred to as rootless) is a macOS security feature introduced in OS X El Capitan (2015) (OS X 10.11). . SecurityAffairs – hacking, Apple). Pierluigi Paganini.

Security Intelligence

Security Intelligence Hacking Technology Software

Coronavirus-themed attacks May 17 ? May 23, 2020

Security Affairs

MAY 24, 2020

Experts from the Microsoft Security Intelligence team provided some details on a new “massive campaign” using COVID-19 themed emails. SecurityAffairs – COVID-19, hacking). The post Coronavirus-themed attacks May 17 – May 23, 2020 appeared first on Security Affairs. Pierluigi Paganini.

Advertising

Advertising Security Intelligence Hacking Information Security

IT giants warn of ongoing Chromeloader malware campaigns

Security Affairs

SEPTEMBER 20, 2022

pic.twitter.com/v6sexKgDSg — Microsoft Security Intelligence (@MsftSecIntel) September 16, 2022. SecurityAffairs – hacking, malware). The post IT giants warn of ongoing Chromeloader malware campaigns appeared first on Security Affairs. Microsoft attributes the attack to a threat actor tracked as DEV-0796.

Malware

Malware Adware Ransomware Security Intelligence

HTML Smuggling technique used in phishing and malspam campaigns

Security Affairs

NOVEMBER 12, 2021

— Microsoft Security Intelligence (@MsftSecIntel) July 23, 2021. “Therefore, organizations need a true “defense in depth” strategy and a multi-layered security solution that inspects email delivery, network activity, endpoint behavior, and follow-on attacker activities.” SecurityAffairs – hacking, phishing).

Phishing

Phishing Banking Passwords Firewall

Emotet operators are running Halloween-themed campaigns

Security Affairs

OCTOBER 31, 2020

Researchers from Microsoft Security Intelligence are also warning of the ongoing Halloween-themed Emotet campaign. SecurityAffairs – hacking, Emotet). The post Emotet operators are running Halloween-themed campaigns appeared first on Security Affairs. Enable Edition template mostly used. Source Bleeping Computer.

Banking

Banking Malware Security Intelligence Advertising

SHARING INTEL: Here’s why it has become so vital to prioritize the security-proofing of APIs

The Last Watchdog

NOVEMBER 30, 2021

API hacking escapades. Over the past couple of years, good-guy researchers and malicious hackers alike have steadily scaled up their hacking activities to flush them out. Over the past couple of years, good-guy researchers and malicious hackers alike have steadily scaled up their hacking activities to flush them out.

Big data

Big data Digital transformation Accountability Software

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

Across the years, the researchers found analyzed multiple backdoors and hacking tools composing the arsenal of the cyberespionage group. Researchers at company firm Symantec reportedly linked the CIA hacking tools to a number of cyber attacks launched in recent years by a threat actor the company identified as the Longhorn group. “The

Malware

Malware Hacking Government Telecommunications

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020. SecurityAffairs – hacking, CISA). The post CISA alert warns of Emotet attacks on US govt entities appeared first on Security Affairs. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Government

Government Banking Advertising Malware

VMware urges customers to patch VMware Horizon servers against Log4j attacks

Security Affairs

JANUARY 26, 2022

link] — Microsoft Security Intelligence (@MsftSecIntel) January 11, 2022. The security team at the UK National Health Service (NHS) also announced to have spotted threat actors exploiting the Log4Shell vulnerability to hack VMWare Horizon servers and install web shells. “An Pierluigi Paganini.

Internet

Internet Internet Ransomware Hacking

DEF CON 31 Packet Hacking Village – Mike Raggo’s, Chet Hosmer’s ‘OSINT for Physical Security Intelligence’

Black Hat Fireside Chat: The impactful role crowdsourced security intelligence must play

Trending Sources

“BriansClub” Hack Rescues 26M Stolen Cards

Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers

Russian hackers use PowerShell USB malware to drop backdoors

Microsoft warns of attacks targeting MSSQL servers using the tool sqlps

A long-running cryptomining campaign conducted by 8220 hackers now targets Linux servers

Microsoft Defender can now protect servers against ProxyLogon attacks

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Staying a Step Ahead of the Hack

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Finnish intelligence warns of Russia’s cyberespionage activities

Hackers are using Zerologon exploits in attacks in the wild

South Korea claims North Koreans hacked Pfizer for COVID-19 vaccine data

STRRAT RAT spreads masquerading as ransomware

Sysrv-K, a new variant of the Sysrv botnet includes new exploits

New InfectedSlurs Mirai-based botnet exploits two zero-days

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Russia-linked Nobelium APT targets orgs in the global IT supply chain

Cybercrime gang FIN7 returned and was spotted delivering Clop ransomware

Microsoft warns of “massive campaign” using COVID-19 themed emails

Chinese Cyber Threat to Indian Defense and Telecom Sector

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

French Firms Rocked by Kasbah Hacker?

A new Magecart campaign hides the malicious code in 404 error page

Microsoft warns about ongoing PonyFinal ransomware attacks

Anubis, a new info-stealing malware spreads in the wild

Office 365 phishing campaign uses redirector URLs and detects sandboxes to evade detection

A week in security (June 28 – June 4)

Updated Kmsdx botnet targets IoT devices

Organizations in aerospace and travel sectors under attack, Microsoft warns

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

SEO poisoning campaign aims at delivering RAT, Microsoft warns

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Microsoft found Shrootless bug in macOS that could bypass System Integrity Protection

Coronavirus-themed attacks May 17 ? May 23, 2020

IT giants warn of ongoing Chromeloader malware campaigns

HTML Smuggling technique used in phishing and malspam campaigns

Emotet operators are running Halloween-themed campaigns

SHARING INTEL: Here’s why it has become so vital to prioritize the security-proofing of APIs

Purple Lambert, a new malware of CIA-linked Lambert APT group

CISA alert warns of Emotet attacks on US govt entities

VMware urges customers to patch VMware Horizon servers against Log4j attacks

Stay Connected