CTO at NCSC Summary: week ending May 17th (pinned) · ctoatncsc.substack.com · digicat@infosec.pub · English · 2 days ago · 0 comments · 2 up, 0 down
Daily BlueTeamSec Briefing Archive - daily AI generated podcast of the last 24 hours of posts (pinned) · briefing.workshop1.net · digicat@infosec.pub · English · 2 months ago · 0 comments · 1 up, 0 down
FlowerStorm unleashes the KrakVM: PhaaS operators turn to VM-based obfuscation · sublime.security · digicat@infosec.pub · English · 10 hours ago · 0 comments · 3 up, 0 down
DirtyCBC: When Linux Kernel Decrypt-Before-MAC Turns Authenticated Encryption Into a Page-Cache Write · delphoslabs.com · digicat@infosec.pub · English · 19 hours ago · 0 comments · 6 up, 0 down
LID: LID — Linux Integrity Drift: Bypassing AppArmor via eBPF pathname rewriting. Pre-LSM syscall argument manipulation with zero audit footprint. "Linux is Dying" · github.com · digicat@infosec.pub · English · 1 day ago · 1 comment · 3 up, 1 down
Mullvad exit IPs as a fingerprinting vector · tmctmt.com · digicat@infosec.pub · English · 1 day ago · 0 comments · 10 up, 0 down
HWMonitor Trojanized for STX RAT DLL Sideloading · gurucul.com · digicat@infosec.pub · English · 1 day ago · 0 comments · 6 up, 0 down
Static Kitten APT Adversary Simulation · medium.com · digicat@infosec.pub · English · 1 day ago · 0 comments · 2 up, 0 down
We recently discovered that an unauthorized party obtained a token with access to the Grafana Labs GitHub environment, enabling the threat actor to download our codebase. · x.com · digicat@infosec.pub · English · 1 day ago · 0 comments · 7 up, 0 down
Fast16: Pre-Stuxnet Sabotage Tool Was Built to Subvert Nuclear Weapons Simulations · www.security.com · digicat@infosec.pub · English · 1 day ago · 0 comments · 6 up, 0 down
Admiralty System for CTI Claude skill · github.com · digicat@infosec.pub · English · 1 day ago · 0 comments · 4 up, 0 down
Popular node-ipc npm Package Infected with Credential Steale... · socket.dev · digicat@infosec.pub · English · 1 day ago · 0 comments · 4 up, 0 down
An Improper Access Control vulnerability [CWE-284] in FortiAuthenticator may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests. · fortiguard.fortinet.com · digicat@infosec.pub · English · 1 day ago · 0 comments · 4 up, 0 down
Sandworm Activity in Industrial Environments: What the Data Reveals · www.nozominetworks.com · digicat@infosec.pub · English · 1 day ago · 0 comments · 4 up, 0 down
"Shadowserver-in-a-box" IntelMQ + ELK Solution · github.com · digicat@infosec.pub · English · 1 day ago · 0 comments · 4 up, 0 down
The Gentlemen Ransomware Group — Leak Analysis · ransom-isac.org · digicat@infosec.pub · English · 1 day ago · 0 comments · 4 up, 0 down
Somebody backdoored the package bfunky/http-parser on packagist with a stealer - package not touched since 2018 · github.com · digicat@infosec.pub · English · 1 day ago · 0 comments · 4 up, 0 down
Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools · unit42.paloaltonetworks.com · digicat@infosec.pub · English · 1 day ago · 0 comments · 3 up, 0 down
Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource Files · unit42.paloaltonetworks.com · digicat@infosec.pub · English · 1 day ago · 0 comments · 3 up, 0 down
Chinese APT Campaign Targets Entities with Updated FDMTP Backdoor · www.darktrace.com · digicat@infosec.pub · English · 1 day ago · 0 comments · 3 up, 0 down