Hackers Target Uyghurs and Tibetans with MOONSHINE Exploit and DarkNimbus Backdoor

December 5, 2024 at 08:39AM The Earth Minotaur threat cluster uses the MOONSHINE exploit kit and the DarkNimbus backdoor to target Tibetans and Uyghurs through social engineering and phishing methods. It exploits Chromium vulnerabilities, facilitating long-term surveillance on Android and Windows devices, while affecting numerous countries and employing advanced malware tools. Meeting Takeaways on …

Russian spies may have moved in next door to target your network

November 24, 2024 at 08:37PM Volexity reported a “nearest neighbor attack” by Kremlin-backed hackers APT28, compromising networks via neighboring organizations’ Wi-Fi without MFA. Cisco warns of an expiring internal certificate risking device management. Microsoft seized 240 phishing sites linked to a suspect. Helldown ransomware targets Linux, and Jupyter Notebooks are hijacked for illegal sports streaming. …

Windows Zero-Day Exploited by Russia Triggered With File Drag-and-Drop, Delete Actions

November 14, 2024 at 06:47AM A new zero-day vulnerability in Windows has been exploited by Russia, allowing execution through file deletion, drag-and-drop actions, or right-click commands. **Meeting Takeaways:** 1. **Zero-Day Vulnerability**: A new zero-day vulnerability in Windows has been identified. 2. **Exploit Execution**: – The exploit can be executed through specific user actions, including: – …

Filigran Secures $35M Investment to Disrupt Threat Intel

October 28, 2024 at 09:58AM French startup Filigran has successfully secured $35 million in investments from Insight Partners, Accel, and Moonfire, increasing its total funding to $56 million, aiming to innovate in the threat intelligence sector. **Meeting Takeaways:** 1. **Investment Overview:** – A French startup has successfully secured investments from Insight Partners, Accel, and Moonfire. …

Ransomware crew infects 100+ orgs monthly with new MedusaLocker variant

October 3, 2024 at 06:13AM An extortionist, “PaidMemes,” has used the BabyLockerKZ ransomware variant to attack over 100 organizations per month since 2022. The attacks initially targeted European businesses before shifting to Central and South America. “PaidMemes” targets small to medium-sized enterprises and demands payments averaging $30,000-$50,000. The attacker exploits publicly available tools and compromised …

How to spot a North Korean agent before they get comfy inside payroll

September 24, 2024 at 08:05AM Amid rising exposure to North Korean moles seeking US IT roles, Mandiant provides tips for spotting them. These include diligent background checks, scrutinizing emails and resumes for inconsistencies, and employing measures such as biometric identity verification and video interviews. Additionally, they advise monitoring network traffic, tracking laptop serial numbers, and …

Snowflake slams ‘more MFA’ button again – months after Ticketmaster, Santander breaches

September 16, 2024 at 12:53PM Snowflake has made multi-factor authentication (MFA) the default for all new user accounts, following investigations into data thefts. This change follows pressure to enhance security, with additional password strength measures also being implemented. Snowflake aims to eliminate password-only authentication in the long term and advises users to consult security best …

Microsoft Says Ransomware Gangs Exploiting Just-Patched VMware ESXi Flaw

July 29, 2024 at 02:48PM Ransomware groups are exploiting a critical vulnerability (CVE-2024-37085) in VMware ESXi hypervisors to gain full administrative access on domain-joined systems. Microsoft warns that known cybercriminal groups have already exploited this flaw to deploy ransomware. The issue was not initially recognized as being exploited in the wild when VMware released patches. …

KnowBe4 Launches PhishER Plus Threat Intel Feature

June 17, 2024 at 04:04PM KnowBe4 announced the launch of PhishER Plus Threat Intel, integrating Webroot’s website reputation data into its console. This feature enables faster detection and response to web-based threats, providing users with instant internet reputation data and enhancing threat detection. The new feature comes at no additional cost and is aimed at …

FlyingYeti phishing crew grounded after abominable Ukraine attacks

May 31, 2024 at 02:38AM Cloudflare’s threat intel team thwarted a month-long phishing and espionage attack targeting Ukraine, attributed to Russia-aligned group FlyingYeti. The attack targeted financially strained citizens after a government moratorium on evictions and utility disconnections ended. Cloudforce One stopped the threat, but the target base might have been vast. FlyingYeti intended to …