December 10, 2024 at 09:48AM Huntress warned of an exploited vulnerability (CVE-2024-50623) in Cleo’s file transfer products, affecting over 1,700 servers, mostly in consumer and shipping sectors. Despite a patch, it failed to secure systems, allowing unauthorized access and persistent threats. Cleo plans to release a new patch shortly. **Meeting Takeaways:** 1. **Vulnerability Identified**: Huntress … Read more
December 5, 2024 at 10:41AM Latrodectus is a sophisticated malware family targeting corporate networks and financial institutions, leveraging advanced tactics like phishing and dynamic API resolution for data theft while evading detection. It utilizes a modular design for adaptability and persistence. Effective defenses include employee training, endpoint security, network segmentation, and regular updates. ### Meeting … Read more
December 4, 2024 at 03:09PM Researchers from iVerify revealed seven new Pegasus spyware infections affecting journalists and officials on iPhone and Android devices, spanning attacks from 2021 to 2023. This underscores the underestimated prevalence of mobile spyware, as traditional security measures frequently fail to detect such threats. Regular device updates and user education are vital … Read more
November 21, 2024 at 08:18PM The US Cybersecurity and Infrastructure Agency (CISA) simulated a cyber attack on a critical infrastructure provider, exploiting vulnerabilities to gain extensive access. They highlighted lessons learned, emphasizing the need for better detection controls, ongoing staff training, and leadership to prioritize addressing known vulnerabilities to prevent future breaches. ### Meeting Notes … Read more
November 21, 2024 at 01:48AM Threat hunters report an updated Python NodeStealer targeting Facebook Ads Manager and web browser credit card data. Developed by Vietnamese actors, it uses advanced techniques for data exfiltration, including avoiding detection in Vietnam. Recent phishing campaigns deploy I2Parcae RAT via ClickFix techniques, endangering users’ security and financial stability. ### Meeting … Read more
November 19, 2024 at 04:16AM The 2024 SANS Holiday Hack Challenge, starting on November 7, features eight weeks of gamified cyber exercises. Participants can tackle various challenges across skill levels, with a live scoreboard for tracking progress. Winners receive prizes like free courses and subscriptions. Sign up for updates and further details online. ### Meeting … Read more
November 18, 2024 at 10:33AM Cyber Threat Intelligence (CTI) is vital for cybersecurity, emphasizing the importance of actionable, reliable, and timely information. Indicators of Compromise (IOCs) are crucial but often generic and ineffective. Custom IOCs enhance threat detection, adapt to specific risks, improve supply chain security, and support compliance, making them essential for organizational defense. … Read more
November 10, 2024 at 10:30PM Alexander “Connor” Moucka, linked to the Snowflake breach affecting 165 customers, was arrested in Canada due to a U.S. extradition request. His co-conspirator, John Binns, is jailed in Turkey. Critical vulnerabilities in various software and cyber threats targeting crypto businesses are also highlighted, emphasizing ongoing security challenges. Here are the … Read more
November 8, 2024 at 12:05PM Recent research indicates that cybercriminals are targeting Australians interested in Bengal cats using Gootloader malware. By optimizing search results related to Bengal cat legality, they trick users into downloading malicious files. Sophos warns of rising attacks utilizing this method, urging users to be cautious of suspicious links and downloads. **Meeting … Read more
November 6, 2024 at 10:08AM Cross-domain threats have surged, exploiting identity, cloud, and endpoint vulnerabilities with minimal detection footprints. Notable adversaries like Scattered Spider and North Korea’s Famous Chollima utilize stolen credentials and sophisticated phishing to conduct attacks. Defending against these requires integrated visibility, real-time threat hunting, and advanced identity protection measures to prevent breaches. … Read more