InfoSec News 20240409

  • Published: Tue, 09/04/2024 - 13:07

Top News


  • CISA Released Advisories to Mitigate Living Off the Land Attack Techniques

"In collaboration with international partners, the Cybersecurity and Infrastructure Security Agency (CISA) has released comprehensive advisories to mitigate Living Off the Land (LOTL) attack techniques."

Link

TLP1 : Green

  • Hackers Hijacking Popular YouTube Channels To Deliver Infostealer Malware

"Hackers always end up targeting famous YouTube channels because of their large audience base, and their aim is to exploit the same for different reasons."

Link

TLP1 : Green

  • Google Chrome Adds V8 Sandbox - A New Defense Against Browser Attacks

"Google has announced support for what's called a V8 Sandbox in the Chrome web browser in an effort to address memory corruption issues."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Google Sues Two Chinese Developers Over Crypto Investment App Scams

"A recent lawsuit was filed by Google against two app developers, Yunfeng Sun (also known as Alphonse Sun) and Hongnam Cheung (also known as Zhang Hongnim and Stanford Fischer), for their alleged involvement in an international online investment fraud scheme."

Link

TLP1 : Green

  • CL0P's Ransomware Rampage - Security Measures for 2024

"Emerging in early 2019, CL0P was first introduced as a more advanced version of its predecessor the 'CryptoMix' ransomware, brought about by its owner CL0P ransomware, a cybercrime organisation. Over the years the group remained active with significant campaigns throughout 2020 to 2022. But in 2023 the CL0P ransomware gang took itself to new heights and became one of the most active and successful ransomware organizations in the world."

Link

TLP1 : Green

  • Attackers Using Obfuscation Tools to Deliver Multi-Stage Malware via Invoice Phishing

"Cybersecurity researchers have discovered an intricate multi-stage attack that leverages invoice-themed phishing decoys to deliver a wide range of malware such as Venom RAT, Remcos RAT, XWorm, NanoCore RAT, and a stealer that targets crypto wallets."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Russia Charges Local Flight Booking Platform Following Data Breach

"Top executives of Sirena-Travel JSC, the developer behind the Leonardo airline ticket reservation system, find themselves at the center of a criminal prosecution."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Fortinet Vulnerability Exploited To Deploy RMM tools And PowerShell Backdoors

"Threat actors have been discovered exploiting a Fortinet Forticlient EMS vulnerability to install unauthorized RMM tools and PowerShell backdoors on the targeted systems."

Link

TLP1 : Green

  • Critical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks

"Threat actors are actively scanning and exploiting a pair of security flaws that are said to affect as many as 92,000 internet-exposed D-Link network-attached storage (NAS) devices."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Embracing the Cloud: Revolutionizing Privileged Access Management with One Identity Cloud PAM Essentials

"As cyber threats loom around every corner and privileged accounts become prime targets, the significance of implementing a robust Privileged Access Management (PAM) solution can't be overstated. With organizations increasingly migrating to cloud environments, the PAM Solution Market is experiencing a transformative shift toward cloud-based offerings. One Identity PAM Essentials stands out among these as a SaaS-based PAM solution that prioritizes security, manageability, and compliance."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • CloudGrappler - A purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-known threat actors in popular cloud environments such as AWS and Azure

"CloudGrappler is a purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-known threat actors in popular cloud environments such as AWS and Azure."

Link

TLP1 : Green

 

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp