I tried to make sense of the backdoor mechanism this time and summarized it in a one-page overview. 😵‍💫

There's obviously more technical detail to uncover, but you'll get a general understanding of the complexity and the stealthy mechanisms used to remain undetected. 🧐

Thanks…

Talks from DefCam 2023 security conference in Bucharest are now available

youtube.com/playlist?list=…

❗️ERRATUM: I despise spreading misinformation. Contrary to what I stated on Saturday, the Predator infrastructure that we follow at Sekoia.io is still active (47: UP - 37: DOWN - 16: TO CHECK). This was due to a bug in our tracking app... on Saturday morning. Mistakes happen🤬

With Operation Cronos LEA did not just take down down LockBit - the longest running RaaS to date, they did it in style.

Using LockBit's site to publish pressos, decryption keys, recovery tools, and what will happen next is simply🤌with sparkles on top.

bleepingcomputer.com/news/security/…

Every Patch Tuesday I'm reminded that in Microsoft's world, 'No thanks' means 'Ask me again later'.

🚨 POR FAVOR, MÁXIMA DIFUSIÓN.

Joven madre se quita la vida por extorsiones y amenazas luego de instalar App para el 'préstamo de dinero' 😰 (t13.cl/noticia/nacion…). Lamentablemente, hay muchos casos como este ocurriendo en LATAM y otras partes del mundo.

No instalen ninguna…

Loading...

Hope someone does this experiment and makes a video of it.

Google says that it removed the ads and took action against associate accounts.

Company added that it sees bad actors working on a larger scale and with more sophistication to evade detection.

So we're likely gonna see more of these

bleepingcomputer.com/news/security/…

AI rebooting company systems to take full control

bleepingcomputer.com/news/technolog…

Short link service for crims registered up to 75, 000 domains since April 2023.

Operation active for at least 4 years helped deliver phishing, scams, and malware.

In one day, they registered close to 800 domains, daily average since May is 43 domains.

#ProlificPuma

Companies should adopt this as the default reply when faced with extortion attempts.

Maybe countries signing the anti-ransomware statement at the Counter-Ransomware Initiative summit this week will help with this.

Hunting for traces of intrusion is difficult because Octo Tempest combines advanced social engineering with living-off-the-land tools and techniques.

Behind the attacks are technically adept individuals and hands-on-keyboard operators.

Anyone recognize this law enforcement logo?

CentOS Linux users rn:

- curl vulnerability where?
- Looney Tunables, who?
- HTTP/2 Rapid Reset what?

🤪

National Student Clearinghouse MOVEit data breach impacts 890 schools, colleges, and universities in the U.S.

bleepingcomputer.com/news/security/…

is this crypto-phishing or blockchain-phishing (blockphishing/chainphishing)?

forbes.com/sites/thomasbr…

Nir Chako went on a mission to find new LOLBAS files, and didn’t disappoint!

He dug up 11 new files with 12 LOLBAS functionalities, raising the count of known LOLBAS downloaders by a solid 30% – in just a month!

okt.to/f4VHdX

BleepingComputer Nir Chako, Ionut Ilascu