Highly Evasive SquidLoader Malware Targets China

June 20, 2024 at 08:32AM Chinese-speaking victims have been targeted by a threat actor using the SquidLoader malware loader in recent attacks. The highly evasive SquidLoader malware is aimed at China. [SecurityWeek] Based on the meeting notes: – A threat actor has been using the SquidLoader malware loader in recent attacks targeting Chinese-speaking victims. – …

DPRK Exploits 2 New MITRE Techniques: Phantom DLL Hijacking, TCC Abuse

April 11, 2024 at 04:09PM MITRE is adding two new techniques to its ATT&CK database due to exploits by North Korean threat actors. One technique involves TCC manipulation on Apple’s macOS, enabling privileged access for espionage. The other technique, phantom DLL hijacking on Windows, involves exploiting nonexistent DLL files. Both have been used by North …

Top MITRE ATT&CK Techniques and How to Defend Against Them

April 10, 2024 at 01:04AM MITRE ATT&CK techniques dominate cybersecurity incidents, particularly command and scripting interpreters (T1059) and phishing (T1566). A report by D3 Security reveals these techniques surpass others significantly. The widespread usage of malicious scripts underlines the need for comprehensive incident response plans. Additionally, robust education and multifactor authentication help defend against phishing …

Patchless Apple M-Chip Vulnerability Allows Cryptography Bypass

March 27, 2024 at 04:16PM Limited options leave many vulnerable Macs susceptible to a “GoFetch” attack, which can steal keys, including quantum-resistant ones. Based on the meeting notes, it seems the flaw is limiting the options for addressing it, leaving many Macs vulnerable to a “GoFetch” attack that can steal keys, even quantum-resistant ones. This …

Patch Now: Critical Fortinet RCE Bug Under Active Attack

March 26, 2024 at 11:15AM A recent proof-of-concept exploit has led to attacks on a critical vulnerability, prompting CISA to prioritize urgent patching. Based on the meeting notes, the urgent action required is to prioritize patching the identified vulnerability due to the exploitation and subsequent attacks. CISA has flagged it as a critical issue …

New 5Ghoul attack impacts 5G phones with Qualcomm, MediaTek chips

December 8, 2023 at 10:25AM A new set of 5G modem vulnerabilities, collectively known as “5Ghoul,” impacts 710 5G smartphone models from Google partners and Apple, as well as routers and USB modems. Discovered by researchers, these vulnerabilities can lead to disruptions and network downgrades, posing a risk to security. Qualcomm and MediaTek have released …