https://securelist.com/doublefinger-loader-delivering-greetingghoul-cryptocurrency-stealer/109982/
Kaspersky researchers share insight into multistage DoubleFinger loader attack delivering GreetingGhoul cryptocurrency stealer and Remcos RAT.
https://eaton-works.com/2023/06/06/honda-ecommerce-hack
A vulnerable password reset API made it possible to take over any account and gain admin-level access to the platform. In addition, broken/missing access controls made it possible to access all data on the platform.
https://thehackernews.com/2023/06/critical-rce-flaw-discovered-in.html
Urgent: A new critical RCE security vulnerability in FortiGate firewalls has been discovered.
https://help.offsec.com/hc/en-us/articles/16109715993364-Mid-year-Hack-a-thon-FAQ
https://www.elastic.co/security-labs/elastic-charms-spectralviper
Elastic Security Labs has discovered the P8LOADER, POWERSEAL, and SPECTRALVIPER malware families targeting a national Vietnamese agribusiness. REF2754 shares malware and motivational elements of the REF4322 and APT32 activity groups.
https://thehackernews.com/2023/06/new-critical-moveit-transfer-sql.html
Attention all businesses using MOVEit Transfer! Progress Software has just rolled out critical patches to address new SQL injection flaws.
Hello and welcome! I joined the Lemmy fediverse a week ago, and settled into the sh.itjust.works instance yesterday. I had pulled back from most of my social and general use of Reddit a few years back, and mostly just used it as a more social RSS feed to keep abreast of things going on in the cybersecurity and information security world. One of the first things I noticed when exploring the Lemmy Fediverse was that outside of the general tech communities, there was only a single cybersecurity community which hadn't seen any activity in over a year or more.
I've gone back to my old stalwart RSS feeds, so I decided to create this community and post any articles I find interesting that come across my feed. Hopefully others will find it helpful as well!
I really hope that the social aspect of the community will take hold here too, and encourage anyone to make any link or text posts related to cybersecurity that they want. I don't really want this to turn into a place where every other question is "How do I get into cybersecurity?" or "Will you be my mentor?", but the Lemmy community is small so at this point I'd welcome any sort of community interaction.
To kick things off with a little about myself, I started my career working as a network engineer for a WISP, scampering across city roofs, throwing up non-pen mounts for PtP radios, and slinging multi-Gbps links from building to building. I slowly transitioned into a SOC through a few calculated job transitions, then after a few more I've found myself working on a team that splits our time providing penetration tests for internal business lines and running red team/adversary emulation engagements against my company. Over the past few years I've earned my OSCP, OSEP, and OSWE, along with a handful of GIAC certifications. I'm currently working on the study materials for the OSED. I don't have any coding experience, just a bit of scripting ability, but I am very excited to jump into binary exploitation and reverse engineering. It's the closest thing to magic to me in this space, and I can't wait to deconstruct and demystify it a bit.
Thanks for reading, and glad you're here!
https://www.microsoft.com/en-us/security/blog/2023/06/08/detecting-and-mitigating-a-multi-stage-aitm-phishing-and-bec-campaign/
Microsoft Defender Experts observed a multi-stage adversary-in-the-middle (AiTM) and business email compromise (BEC) attack targeting banking and financial services organizations over two days. This attack originated from a compromised trusted vendor, involved AiTM and BEC attacks across multiple supplier/partner organizations for financial fraud, and did not use a reverse proxy like typical AiTM attacks.
https://www.welivesecurity.com/2023/06/08/asylum-ambuscade-crimeware-or-cyberespionage/
A curious case of a threat actor at the border between crimeware and cyberespionage
https://www.schneier.com/blog/archives/2023/06/operation-triangulation-zero-click-iphone-malware.html
@borari
@sh.itjust.works