Tag: advanced persistent threat
-
Cisco Talos Blog: Exploring vulnerable Windows drivers
Source URL: https://blog.talosintelligence.com/exploring-vulnerable-windows-drivers/ Source: Cisco Talos Blog Title: Exploring vulnerable Windows drivers Feedly Summary: This post is the result of research into the real-world application of the Bring Your Own Vulnerable Driver (BYOVD) technique along with Cisco Talos’ series of posts about malicious Windows drivers. AI Summary and Description: Yes Summary: The text provides an…
-
The Register: Salt Typhoon’s surge extends far beyond US telcos
Source URL: https://www.theregister.com/2024/11/27/salt_typhoons_us_telcos/ Source: The Register Title: Salt Typhoon’s surge extends far beyond US telcos Feedly Summary: Plus, a brand-new backdoor, GhostSpider, is linked to the cyber-spy crew’s operations The reach of the China-linked Salt Typhoon gang extends beyond American telecommunications giants, and its arsenal includes several backdoors, including a brand-new malware dubbed GhostSpider, according…
-
Hacker News: Spies Jumped from One Network to Another via Wi-Fi in an Unprecedented Hack
Source URL: https://www.wired.com/story/russia-gru-apt28-wifi-daisy-chain-breach/ Source: Hacker News Title: Spies Jumped from One Network to Another via Wi-Fi in an Unprecedented Hack Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a novel Wi-Fi hacking technique identified by cybersecurity researchers, particularly a type of attack dubbed the “nearest neighbor attack,” which allows hackers to…
-
Slashdot: Russian Spies Jumped From One Network To Another Via Wi-Fi
Source URL: https://mobile.slashdot.org/story/24/11/22/2331247/russian-spies-jumped-from-one-network-to-another-via-wi-fi?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Russian Spies Jumped From One Network To Another Via Wi-Fi Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a significant cybersecurity breach investigated by Veloxity, detailing how Russian hackers were able to daisy-chain multiple Wi-Fi networks to conduct sophisticated intrusions. This case study illustrates the evolving…
-
Slashdot: Inside a Firewall Vendor’s 5-Year War With the Chinese Hackers Hijacking Its Devices
Source URL: https://it.slashdot.org/story/24/11/01/088213/inside-a-firewall-vendors-5-year-war-with-the-chinese-hackers-hijacking-its-devices?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Inside a Firewall Vendor’s 5-Year War With the Chinese Hackers Hijacking Its Devices Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a significant cybersecurity battle undertaken by Sophos against Chinese hackers targeting firewall products. This situation has implications for information security, particularly concerning the risks associated…
-
The Register: Russian spies use remote desktop protocol files in unusual mass phishing drive
Source URL: https://www.theregister.com/2024/10/30/russia_wrangles_rdp_files_in/ Source: The Register Title: Russian spies use remote desktop protocol files in unusual mass phishing drive Feedly Summary: The prolific Midnight Blizzard crew cast a much wider net in search of scrummy intel Microsoft says a mass phishing campaign by Russia’s foreign intelligence services (SVR) is now in its second week, and…
-
Cisco Talos Blog: Writing a BugSleep C2 server and detecting its traffic with Snort
Source URL: https://blog.talosintelligence.com/writing-a-bugsleep-c2-server/ Source: Cisco Talos Blog Title: Writing a BugSleep C2 server and detecting its traffic with Snort Feedly Summary: This blog will demonstrate the practice and methodology of reversing BugSleep’s protocol, writing a functional C2 server, and detecting this traffic with Snort. AI Summary and Description: Yes Summary: The text provides an in-depth…