Identity Reveal: Threat Actor Behind Golden Chicken Malware Service Exposed
Researchers have identified the real-world identity of the threat actor behind Golden Chickens Malware-as-a-Service (MaaS), known as...
Month: January 2023
SOC Prime Threat Bounty — December 2022 Results
December ‘22 Publications: During the last month of the year 2022, Threat Bounty developers managed to submit 441...
Infrastructure-as-Code Security: a Critical Responsibility
By Thomas Segura, Technical Content Writer, GitGuardian. By and large, software is still in its adolescence compared to other large-scale industries. Although its...
CVE-2022-42475 Detection: Zero-Day Vulnerability in FortiOS SSL-VPN Exploited in Attacks Against Government Entities and Large Organizations
Stay alert! Security researchers are warning the global cyber defender...
SwiftSlicer New Data-Wiping Malware Attacks Windows Operating Systems
Researchers discovered a new attack on a Ukrainian target performed by Russian threat actors that used a new wiper...
Driving Business Growth in Turbulent Times from CISO’s Perspective: Part I
Insights into How SOC Prime Achieved 100% YoY Growth While Withstanding the Challenges of War...
Abusing a GitHub Codespaces Feature For Malware Delivery
Proof of Concept (POC): We investigate one of the GitHub Codespaces’ real-time code development and collaboration features that attackers...
Sandworm APT group hit Ukrainian news agency with five data wipers
The Ukrainian Computer Emergency Response Team (CERT-UA) discovered five different wipers deployed on the network of the country’s national news...
Rhadamanthys Malware Detection: New Infostealer Spread via Google Ads & Spam Emails to Target Crypto Wallets and Dump Sensitive Information
Security experts have shed light on...
Remote Workers Face Growing Threats from Phishing Attacks
Analysis Shows Phishing Strikes Up 61% Over 2021, With a 50% Increase on Mobile Devices. By Patrick Harr, CEO,...
Detect CVE-2022-47966 Exploits: Critical Zoho ManageEngine RCE Vulnerability Under Active Exploitation
Another day, another critical RCE making rounds in the cyberthreat arena. This time security practitioners are...
After data breach put their lives at risk, US releases 3000 immigrants seeking asylum
Imagine you're an immigrant, who has fled your home country for the United...
New Mimic Ransomware Uses Windows Search Engine to Find and Encrypt Files
Cybersecurity researchers uncovered a new strain of ransomware named Mimic. Mimic uses Everything API, a...
CVE-2023-24055 Detection: Notorious Vulnerability in KeePass Potentially Exposing Cleartext Passwords
Stay alert! Security researchers have discovered a notorious vulnerability posing a serious threat to users of...
Smashing Security podcast #306: No Fly lists, cell phones, and the end of ransomware riches?
What are prisoners getting up to with mobile phones? Why might ransomware...
Managing Cybersecurity for Critical National Infrastructure
General guidelines and realities of managing a cybersecurity program for critical national infrastructure. By Juan Vargas, Cybersecurity and Engineering Consultant, Artech,...
Driving Business Growth in Turbulent Times from CISO’s Perspective: Part II
Dive Into our Hubs Initiative as an Alternative to Remote Work Strategy: What’s Behind the...
ShinyHunters suspect extradited to United States from Morocco, could face 116 years in jail if convicted
A 22-year-old suspected of being "Seyzo", a member of the ShinyHunters...
Hive ransomware leak site and decryption keys seized in police sting
Websites used by the Hive ransomware-as-a-service gang to extort ransoms and leak data stolen from corporate...
Kevin Mitnick Hacked California Law in 1983
Early in his career, Kevin Mitnick successfully hacked California law. He told me the story when he heard about my...
A Guide to Phishing Attacks
This is a good list of modern phishing techniques. Source: Schneier on Security
Friday Squid Blogging: Squid-Inspired Hydrogel
Scientists have created a hydrogel “using squid mantle and creative chemistry.” As usual, you can also use this squid post to talk...
Batloader Malware Abuses Legitimate Tools, Uses Obfuscated JavaScript Files in Q4 2022 Attacks
We discuss the Batloader malware campaigns we observed in the last quarter of 2022,...
Myth-busting Antivirus Software Assumptions
The number of new viruses grows every day. In fact, McAfee registers an average of 1.1 million new malicious programs and potentially unwanted apps...
NIST Is Updating Its Cybersecurity Framework
NIST is planning a significant update of its Cybersecurity Framework. At this point, it’s asking for feedback and comments to its...
Earth Bogle: Campaigns Target the Middle East with Geopolitical Lures
We discovered an active campaign ongoing since at least mid-2022 which uses Middle Eastern geopolitical-themed lures to...
How To Recognize An Online Scam
It’s been a particularly busy and colourful week, scam-wise in our household. Between 4 family members, we’ve received almost 20...
Start the New Year Right With This 3-Step Digital Detox
Pledging to follow healthier habits is consistently the most popular new year’s resolution. That January 1st...
Celebrate National Download Day With This Safe Downloading Checklist
Happy Download Day! (Yes, there’s a day for that.) Today is an excellent day to share downloading...
Everything You Need to Know About Identity Remediation
There are no ifs, ands, or buts about it: A stolen identity creates a mess. Once they have...


















