InfoSec News 20250123

  • Published: Thu, 23/01/2025 - 14:16

Top News


  • DLL Sideloading & Proxying: New Campaign Delivers Sliver Implants to German Targets

"Cyble Research and Intelligence Labs (CRIL) has uncovered an ongoing cyber campaign targeting German organizations using sophisticated tactics like DLL sideloading, proxying, and the deployment of the Sliver implant, an open-source red-teaming framework adapted for malicious purposes."

Link

TLP¹: Green

  • Telegram captcha tricks you into running malicious PowerShell scripts

"Threat actors on X are exploiting the news around Ross Ulbricht to direct unsuspecting users to a Telegram channel that tricks them into running PowerShell code that infects them with malware."

Link

TLP¹: Green

  • QakBot-Linked BC Malware Adds Enhanced Remote Access and Data Gathering Features

"Cybersecurity researchers have disclosed details of a new BackConnect (BC) malware that has been developed by threat actors linked to the infamous QakBot loader."

Link

TLP¹: Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review

"The new Trump administration has terminated all memberships of advisory committees that report to the Department of Homeland Security (DHS)."

Link

TLP¹: Green

Breaches: Data Breaches and Hacks


  • IPany VPN breached in supply-chain attack to push custom malware

"South Korean VPN provider IPany was breached in a supply chain attack by the 'PlushDaemon' China-aligned hacking group, who compromised the company's VPN installer to deploy the custom 'SlowStepper' malware."

Link

TLP¹: Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation

"SonicWall is alerting customers of a critical security flaw impacting its Secure Mobile Access (SMA) 1000 Series appliances that it said has been likely exploited in the wild as a zero-day."

Link

TLP¹: Green

  • Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)

"Cisco has released software updates to address a critical security flaw impacting Meeting Management that could permit a remote, authenticated attacker to gain administrator privileges on susceptible instances."

Link

TLP¹: Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Train in ethical hacking skills with these self-paced online courses

"Securing your computer and network is a lot more complex than setting a trusty password (that isn’t your pet’s name!). There is an entire IT field devoted to testing the security of a system or network—ethical hacking and penetration testing."

Link

TLP¹: Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • Botnets Never Die: An Analysis of the Large Scale Botnet AIRASHI

"In August 2024, XLab observed a premeditated large-scale DDoS attack targeting the distribution platforms of the Chinese game Black Myth: Wukong, namely Steam and Perfect World. This attack operation was divided into four waves, with the attackers carefully selecting the peak online hours of gamers in various time zones to launch sustained attacks lasting several hours."

Link

TLP¹: Green

¹Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

[1] https://www.first.org/tlp