Aggregator
TI Lookup: Real-World Use Cases from a Malware Researcher
Editor’s note: The current article is authored by Anna Pham (also known as RussianPanda), a threat intelligence researcher. You can find her latest research and insights on X, LinkedIn, and her blog. ANY.RUN introduced Threat Intelligence Lookup in February 2024, followed by the YARA Search in April 2024. This article will explore both services and […]
The post TI Lookup: Real-World Use Cases <br>from a Malware Researcher appeared first on ANY.RUN's Cybersecurity Blog.
Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519)
Attackers are actively exploiting CVE-2024-45519, a critical Zimbra vulnerability that allows them to execute arbitrary commands on vulnerable installations. Proofpoint’s threat researchers say that the attacks started on September 28 – several weeks after Zimbra developers released patches for CVE-2024-45519 and other flaws, and a day after ProjectDiscovery’s analysts published a detailed technical write-up about the vulnerability and a PoC exploit to demonstrate the potential for local exploitation. Other researchers have published PoCs on GitHub … More →
The post Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) appeared first on Help Net Security.
5 Must-Have Tools for Effective Dynamic Malware Analysis
Подводный киборг: исследователи скрестили биологию и электронику в одном робо-скате
ISC Stormcast For Wednesday, October 2nd, 2024 https://isc.sans.edu/podcastdetail/9162, (Wed, Oct 2nd)
Europe Begins Drafting AI Code of Practice
The European Commission appointed a 13 member team to draft the general purpose artificial intelligence code of practice mandated by the AI Act. The commission on Monday announced four working groups that will oversee drafting of the rules.
New funding to scale the benefits of AI
Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. Organizations
Weekoverzicht Defensieoperaties
Бесконечный DDoS: CUPS превращает принтеры в невольных соучастников кибератак
Дуров снимает маску: Telegram уже 6 лет раскрывает данные преступников
4 new LockBit-related arrests, identities of suspected Evil Corp members, affiliates revealed
The third phase of Operation Cronos, which involved officers from the UK National Crime Agency (NCA), the FBI, Europol and other law enforcement agencies, has resulted in the arrest of four persons for allegedly participating in the LockBit ransomware-as-a-service operation in various roles. “A suspected developer of LockBit was arrested at the request of the French authorities, while the British authorities arrested two individuals for supporting the activity of a LockBit affiliate,” Europol announced on … More →
The post 4 new LockBit-related arrests, identities of suspected Evil Corp members, affiliates revealed appeared first on Help Net Security.
New Bluetooth Vulnerability Leak, Your Passcode to Hackers During Pairing
A recently discovered vulnerability in Bluetooth technology has raised significant security concerns. This flaw could allow hackers to intercept passcodes during the device pairing process, affecting a wide range of Bluetooth devices and potentially having far-reaching implications for users worldwide. The Vulnerability: CVE-2020-26558 The vulnerability, CVE-2020-26558, is found in devices supporting the Passkey Entry association […]
The post New Bluetooth Vulnerability Leak, Your Passcode to Hackers During Pairing appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.