tradecraft – Experimental News Clipping Site

Unit 42: Bookworm to Stately Taurus Using the Unit 42 Attribution Framework

Sep 24, 2025

—

by

Source URL: https://unit42.paloaltonetworks.com/bookworm-to-stately-taurus/ Source: Unit 42 Title: Bookworm to Stately Taurus Using the Unit 42 Attribution Framework Feedly Summary: We connect Bookworm malware to Chinese APT Stately Taurus using our attribution framework, enhancing our understanding of threat group tradecraft. The post Bookworm to Stately Taurus Using the Unit 42 Attribution Framework appeared first on Unit…

Security Info Watch: Huntress launches Threat Simulator to educate users—from the hacker’s perspective

Jun 11, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.securityinfowatch.com/cybersecurity/press-release/55296212/huntress-huntress-launches-threat-simulator-to-educate-usersfrom-the-hackers-perspective Source: Security Info Watch Title: Huntress launches Threat Simulator to educate users—from the hacker’s perspective Feedly Summary: Huntress launches Threat Simulator to educate users—from the hacker’s perspective AI Summary and Description: Yes Summary: Huntress has launched Threat Simulator, an interactive training tool designed to enhance security awareness by simulating real-world hacker tactics.…

Cloud Blog: Windows Remote Desktop Protocol: Remote to Rogue

Apr 7, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/windows-rogue-remote-desktop-protocol/ Source: Cloud Blog Title: Windows Remote Desktop Protocol: Remote to Rogue Feedly Summary: Written by: Rohit Nambiar Executive Summary In October 2024, Google Threat Intelligence Group (GTIG) observed a novel phishing campaign targeting European government and military organizations that was attributed to a suspected Russia-nexus espionage actor we track as UNC5837. The…

Hacker News: Yes, Claude Code can decompile itself. Here’s the source code

Mar 1, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://ghuntley.com/tradecraft/ Source: Hacker News Title: Yes, Claude Code can decompile itself. Here’s the source code Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text discusses the implications of using AI in software engineering, specifically focusing on a newly released AI coding assistant named Claude Code by Anthropic. It highlights the use…

Cloud Blog: Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger

Feb 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/russia-targeting-signal-messenger/ Source: Cloud Blog Title: Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger Feedly Summary: Written by: Dan Black Google Threat Intelligence Group (GTIG) has observed increasing efforts from several Russia state-aligned threat actors to compromise Signal Messenger accounts used by individuals of interest to Russia’s intelligence services. While this…

Microsoft Security Blog: Storm-2372 conducts device code phishing campaign

Feb 14, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/02/13/storm-2372-conducts-device-code-phishing-campaign/ Source: Microsoft Security Blog Title: Storm-2372 conducts device code phishing campaign Feedly Summary: Microsoft Threat Intelligence Center discovered an active and successful device code phishing campaign by a threat actor we track as Storm-2372. Our ongoing investigation indicates that this campaign has been active since August 2024 with the actor creating lures…

Hacker News: The Nearest Neighbor Attack

Nov 25, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.volexity.com/blog/2024/11/22/the-nearest-neighbor-attack-how-a-russian-apt-weaponized-nearby-wi-fi-networks-for-covert-access/ Source: Hacker News Title: The Nearest Neighbor Attack Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text discusses the Nearest Neighbor Attack, a novel cyber-espionage technique utilized by the Russian APT group GruesomeLarch to access targets remotely via compromised Wi-Fi networks of nearby organizations. It highlights the importance of strengthening…

Tag: tradecraft

Unit 42: Bookworm to Stately Taurus Using the Unit 42 Attribution Framework

Security Info Watch: Huntress launches Threat Simulator to educate users—from the hacker’s perspective

Cloud Blog: Windows Remote Desktop Protocol: Remote to Rogue

Hacker News: Yes, Claude Code can decompile itself. Here’s the source code

Cloud Blog: Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger

Microsoft Security Blog: Storm-2372 conducts device code phishing campaign

Hacker News: The Nearest Neighbor Attack