Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Malware

CrowdStrike

Threat Actor Distributes Python-Based Information Stealer Using a Fake Falcon Sensor Update Lure

Jul 23, 2024 By Counter Adversary Operations In CrowdStrike
On July 23, 2024, CrowdStrike Intelligence identified a malicious ZIP file containing a Python-based information stealer now tracked as Connecio. A threat actor distributed this file days after the July 19, 2024, single content update for CrowdStrike’s Falcon sensor — which impacted Windows operating systems — was identified and a fix was deployed. The ZIP file uses the filename CrowdStrike Falcon.zip in an attempt to masquerade as a Falcon update.
Read Post
securitysenses

Cyber Threats in TON: How to Identify and Mitigate Risks

Jul 23, 2024 By SecuritySenses In SecuritySenses
The Open Network (TON) is an innovative blockchain platform designed to enable a new era of decentralized applications and services. With its growing popularity, TON has attracted not only developers and users but also cybercriminals seeking to exploit its vulnerabilities. Understanding the potential cyber threats within the TON ecosystem is crucial for users and developers alike to safeguard their assets and data. In this blog post, we will delve into the various cyber threats facing TON, explore how to identify these risks, and provide strategies to mitigate them effectively.
Read Post
Rubrik

The Road to Resilience: Establishing a Minimum Viable Business through Rubrik Security Cloud

Jul 22, 2024 By Mike Preston In Rubrik
In the fast-paced and interconnected world of business, the continuity of operations after a cyber attack is paramount. Many companies today are embracing the concepts of Minimum Viable Business/Company (MVB/C) as a key strategy in ensuring that their core business applications and processes are able to survive in the face of adversity.
Read Post
foresiet

SocGholish Malware Exploits BOINC Project for Covert Cyberattacks

Jul 22, 2024 By Foresiet In Foresiet
The SocGholish malware, also known as FakeUpdates, has resurfaced with new tactics that leverage the BOINC (Berkeley Open Infrastructure Network Computing Client) platform for nefarious purposes. This sophisticated JavaScript downloader malware is now delivering a remote access trojan, AsyncRAT, and utilizing BOINC in a covert cyberattack campaign. This blog will delve into the specifics of this exploit, the implications for cybersecurity, and measures to mitigate the risks.
Read Post
foresiet

New Linux Variant of Play Ransomware Targeting VMware ESXi Systems

Jul 22, 2024 By Foresiet In Foresiet
In a recent development, cybersecurity researchers have identified a new Linux variant of the notorious Play ransomware, also known as Balloonfly and PlayCrypt. This variant specifically targets VMware ESXi environments, signaling a strategic expansion by the threat actors behind it. Trend Micro's report published on Friday highlights the potential for a broader victim pool and more effective ransom negotiations as a result of this evolution.
Read Post
CrowdStrike

Threat Actor Uses Fake CrowdStrike Recovery Manual to Deliver Unidentified Stealer

Jul 22, 2024 By Counter Adversary Operations In CrowdStrike
On July 22, 2024, CrowdStrike Intelligence identified a Word document containing macros that download an unidentified stealer now tracked as Daolpu. The document impersonates a Microsoft recovery manual.1 Initial analysis suggests the activity is likely criminal.
Read Post
bluevoyant

Protiviti and BlueVoyant Forge Strategic Partnership to Reinforce Cybersecurity Service Offerings Powered by the Microsoft Security Platform

Jul 22, 2024 By BlueVoyant and Protiviti In BlueVoyant
We're excited to announce that Protiviti, a global leader in consulting services and recognized authority in Microsoft compliance and identity, has formed a strategic partnership with BlueVoyant, an industry-leading MXDR Sentinel services provider, that additionally offers an AI-driven cyber defense platform.
Read Post
CrowdStrike

Likely eCrime Actor Uses Filenames Capitalizing on July 19, 2024, Falcon Sensor Content Issues in Operation Targeting LATAM-Based CrowdStrike Customers

Jul 20, 2024 By Counter Adversary Operations In CrowdStrike
On July 19, 2024, an issue present in a single content update for the CrowdStrike Falcon sensor impacting Windows operating systems was identified, and a fix was deployed.1 CrowdStrike Intelligence has since observed threat actors leveraging the event to distribute a malicious ZIP archive named crowdstrike-hotfix.zip. The ZIP archive contains a HijackLoader payload that, when executed, loads RemCos.
Read Post
foresiet

Top 5 Stealer Logs Currently Affecting Users in 2024

Jul 19, 2024 By Foresiet In Foresiet
In today's digital landscape, stealer logs have become a significant threat, targeting sensitive information and compromising security. At Foresiet Threat Intelligence Team, we continuously monitor and analyze these threats to help protect individuals and organizations. Here are the top 5 stealer logs currently affecting users.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.