malicious activity – Page 5 – Experimental News Clipping Site

Unit 42: Now You See Me, Now You Don’t: Using LLMs to Obfuscate Malicious JavaScript

Dec 20, 2024

—

by

Source URL: https://unit42.paloaltonetworks.com/?p=137970 Source: Unit 42 Title: Now You See Me, Now You Don’t: Using LLMs to Obfuscate Malicious JavaScript Feedly Summary: This article demonstrates how AI can be used to modify and help detect JavaScript malware. We boosted our detection rates 10% with retraining. The post Now You See Me, Now You Don’t: Using…

Cisco Talos Blog: The evolution and abuse of proxy networks

Dec 12, 2024

—

by

system automation

in Uncategorized

Source URL: https://blog.talosintelligence.com/the-evolution-and-abuse-of-proxy-networks/ Source: Cisco Talos Blog Title: The evolution and abuse of proxy networks Feedly Summary: Proxy and anonymization networks have been dominating the headlines, this piece discusses its origins and evolution on the threat landscape with specific focus on state sponsored abuse. AI Summary and Description: Yes Summary: The text discusses the growing…

The Register: Here’s what happens if you don’t layer network security – or remove unused web shells

Nov 22, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/11/22/cisa_red_team_exercise/ Source: The Register Title: Here’s what happens if you don’t layer network security – or remove unused web shells Feedly Summary: TL;DR: Attackers will break in and pwn you, as a US government red team demonstrated The US Cybersecurity and Infrastructure Agency often breaks into critical organizations’ networks – with their permission,…

The Register: China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer

Nov 19, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/11/19/china_brazenbamboo_fortinet_0day/ Source: The Register Title: China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer Feedly Summary: No word on when or if the issue will be fixed Chinese government-linked snoops are exploiting a zero-day bug in Fortinet’s Windows VPN client to steal credentials and other information, according to memory forensics outfit Volexity.… AI…

The Register: Scattered Spider, BlackCat claw their way back from criminal underground

Nov 8, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/11/08/scattered_spider_blackcat_return/ Source: The Register Title: Scattered Spider, BlackCat claw their way back from criminal underground Feedly Summary: We all know by now that monsters never die, right? Two high-profile criminal gangs, Scattered Spider and BlackCat/ALPHV, seemed to disappear into the darkness like their namesakes following a series of splashy digital heists last year,…

Alerts: Foreign Threat Actor Conducting Large-Scale Spear-Phishing Campaign with RDP Attachments

Oct 31, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2024/10/31/foreign-threat-actor-conducting-large-scale-spear-phishing-campaign-rdp-attachments Source: Alerts Title: Foreign Threat Actor Conducting Large-Scale Spear-Phishing Campaign with RDP Attachments Feedly Summary: CISA has received multiple reports of a large-scale spear-phishing campaign targeting organizations in several sectors, including government and information technology (IT). The foreign threat actor, often posing as a trusted entity, is sending spear-phishing emails containing malicious…

Alerts: Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation

Oct 30, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2024/10/30/fortinet-updates-guidance-and-indicators-compromise-following-fortimanager-vulnerability Source: Alerts Title: Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation Feedly Summary: Fortinet has updated their security advisory addressing a critical FortiManager vulnerability (CVE-2024-47575) to include additional workarounds and indicators of compromise (IOCs). A remote, unauthenticated cyber threat actor could exploit this vulnerability to gain access to sensitive…

Hacker News: How to get the whole planet to send abuse complaints to your best friends

Oct 29, 2024

—

by

system automation

in Uncategorized

Source URL: https://delroth.net/posts/spoofed-mass-scan-abuse/ Source: Hacker News Title: How to get the whole planet to send abuse complaints to your best friends Feedly Summary: Comments AI Summary and Description: Yes Summary: The text describes a cybersecurity incident where the author received an abuse report linked to their server’s IP, suggesting potential involvement in malicious activities. Upon…

Cloud Blog: Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575)

Oct 24, 2024

—

by

system automation

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/fortimanager-zero-day-exploitation-cve-2024-47575/ Source: Cloud Blog Title: Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575) Feedly Summary: Written by: Foti Castelan, Max Thauer, JP Glab, Gabby Roncone, Tufail Ahmed, Jared Wilson Summary In October 2024, Mandiant collaborated with Fortinet to investigate the mass exploitation of FortiManager appliances across 50+ potentially compromised FortiManager devices in various industries. The vulnerability,…

The Register: X to allow third parties to train their AI models with social media users’ data

Oct 18, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/10/18/x_train_data/ Source: The Register Title: X to allow third parties to train their AI models with social media users’ data Feedly Summary: Another raft of reasons to ponder your social media presence Elon Musk’s social media mouthpiece X (formerly known as Twitter) has updated its Terms of Service and Privacy Policy to direct…

Tag: malicious activity