Tag: stealth

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-exploiting-critical-ivanti-vulnerability/ Source: Cloud Blog Title: Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457) Feedly Summary: Written by: John Wolfram, Michael Edie, Jacob Thompson, Matt Lin, Josh Murchie On Thursday, April 3, 2025, Ivanti disclosed a critical security vulnerability, CVE-2025-22457, impacting Ivanti Connect Secure (“ICS”) VPN appliances version 22.7R2.5 and…

Cloud Blog: DPRK IT Workers Expanding in Scope and Scale

Apr 1, 2025

—

by

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/dprk-it-workers-expanding-scope-scale/ Source: Cloud Blog Title: DPRK IT Workers Expanding in Scope and Scale Feedly Summary: Written by: Jamie Collier Since our September 2024 report outlining the Democratic People’s Republic of Korea (DPRK) IT worker threat, the scope and scale of their operations has continued to expand. These individuals pose as legitimate remote workers…

Microsoft Security Blog: Analyzing open-source bootloaders: Finding vulnerabilities faster with AI

—

by

Source URL: https://www.microsoft.com/en-us/security/blog/2025/03/31/analyzing-open-source-bootloaders-finding-vulnerabilities-faster-with-ai/ Source: Microsoft Security Blog Title: Analyzing open-source bootloaders: Finding vulnerabilities faster with AI Feedly Summary: Using Microsoft Security Copilot to expedite the discovery process, Microsoft has uncovered several vulnerabilities in multiple open-source bootloaders impacting all operating systems relying on Unified Extensible Firmware Interface (UEFI) Secure Boot. Through a series of prompts, we…

Cisco Talos Blog: Beers with Talos: Year in Review episode

—

by

Source URL: https://blog.talosintelligence.com/beers-with-talos-year-in-review-episode/ Source: Cisco Talos Blog Title: Beers with Talos: Year in Review episode Feedly Summary: In this podcast, Joe, Hazel, Bill and Dave break down Talos’ Year in Review 2024 and discuss how and why cybercriminals have been leaning so heavily on attacks that are routed in stealth in simplicity. AI Summary and…

Cisco Talos Blog: Available now: 2024 Year in Review

—

by

Source URL: https://blog.talosintelligence.com/available-now-2024-year-in-review/ Source: Cisco Talos Blog Title: Available now: 2024 Year in Review Feedly Summary: Download Talos’ 2024 Year in Review now, and access key insights on the top targeted vulnerabilities of the year, network-based attacks, email threats, adversary toolsets, identity attacks, multi-factor authentication (MFA) abuse, ransomware and AI-based attacks. AI Summary and Description:…

The Register: Ransomware crews add ‘EDR killers’ to their arsenal – and some aren’t even malware

—

by

Source URL: https://www.theregister.com/2025/03/31/ransomware_crews_edr_killers/ Source: The Register Title: Ransomware crews add ‘EDR killers’ to their arsenal – and some aren’t even malware Feedly Summary: Crims are disabling security tools early in attacks, Talos says interview Antivirus and endpoint security tools are falling short as ransomware crews increasingly deploy “EDR killers" to disable defenses early in the…

Hacker News: Malware found on NPM infecting local package with reverse shell

Mar 26, 2025

—

by

Source URL: https://www.reversinglabs.com/blog/malicious-npm-patch-delivers-reverse-shell Source: Hacker News Title: Malware found on NPM infecting local package with reverse shell Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the emergence of sophisticated malware on the npm package repository, specifically through malicious packages like ethers-provider2 and ethers-providerz, which exhibit advanced evasive techniques to compromise legitimate…

Schneier on Security: AI Data Poisoning

Mar 26, 2025

—

by

Source URL: https://www.schneier.com/blog/archives/2025/03/ai-data-poisoning.html Source: Schneier on Security Title: AI Data Poisoning Feedly Summary: Cloudflare has a new feature—available to free users as well—that uses AI to generate random pages to feed to AI web crawlers: Instead of simply blocking bots, Cloudflare’s new system lures them into a “maze” of realistic-looking but irrelevant pages, wasting the…

The Register: Google acquisition target Wiz links fresh supply chain attack to 23K pwned GitHub repos

Mar 18, 2025

—

by