Experimental News Clipping Site

Tag: downloader

  • Cisco Talos Blog: Gamaredon campaign abuses LNK files to distribute Remcos backdoor

    by

    Kurt Seifried
    in

    Source URL: https://blog.talosintelligence.com/gamaredon-campaign-distribute-remcos/ Source: Cisco Talos Blog Title: Gamaredon campaign abuses LNK files to distribute Remcos backdoor Feedly Summary: Cisco Talos is actively tracking an ongoing campaign, targeting users in Ukraine with malicious LNK files which run a PowerShell downloader since at least November 2024. AI Summary and Description: Yes **Summary:** The text details a…

  • Hacker News: Malware found on NPM infecting local package with reverse shell

    by

    Kurt Seifried
    in

    Source URL: https://www.reversinglabs.com/blog/malicious-npm-patch-delivers-reverse-shell Source: Hacker News Title: Malware found on NPM infecting local package with reverse shell Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the emergence of sophisticated malware on the npm package repository, specifically through malicious packages like ethers-provider2 and ethers-providerz, which exhibit advanced evasive techniques to compromise legitimate…

  • Cloud Blog: Cybercrime: A Multifaceted National Security Threat

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/cybercrime-multifaceted-national-security-threat/ Source: Cloud Blog Title: Cybercrime: A Multifaceted National Security Threat Feedly Summary: Executive Summary Cybercrime makes up a majority of the malicious activity online and occupies the majority of defenders’ resources. In 2024, Mandiant Consulting responded to almost four times more intrusions conducted by financially motivated actors than state-backed intrusions. Despite this…

  • Schneier on Security: Ultralytics Supply-Chain Attack

    by

    system automation
    in

    Source URL: https://www.schneier.com/blog/archives/2024/12/ultralytics-supply-chain-attack.html Source: Schneier on Security Title: Ultralytics Supply-Chain Attack Feedly Summary: Last week, we saw a supply-chain attack against the Ultralytics AI library on GitHub. A quick summary: On December 4, a malicious version 8.3.41 of the popular AI library ultralytics ­—which has almost 60 million downloads—was published to the Python Package Index…

  • Microsoft Security Blog: Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage

    by

    system automation
    in

    Source URL: https://www.microsoft.com/en-us/security/blog/2024/12/04/frequent-freeloader-part-i-secret-blizzard-compromising-storm-0156-infrastructure-for-espionage/ Source: Microsoft Security Blog Title: Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage Feedly Summary: Microsoft has observed Secret Blizzard compromising the infrastructure and backdoors of the Pakistan-based threat actor we track as Storm-0156 for espionage against the Afghanistan government and Indian Army targets. The post Frequent freeloader part…

  • Bulletins: Vulnerability Summary for the Week of October 28, 2024

    by

    system automation
    in

    Source URL: https://www.cisa.gov/news-events/bulletins/sb24-309 Source: Bulletins Title: Vulnerability Summary for the Week of October 28, 2024 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info acnoo — flutter_api  Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo Acnoo Flutter API allows Authentication Bypass.This issue affects Acnoo Flutter API:…