Security Leftovers
-
Netcraft ☛ The Bleeding Edge of Phishing: darcula-suite 3.0 Enables DIY Phishing of Any Brand
Key Data
- darcula-suite represents a significant shift in criminal capabilities, reducing the barrier to entry for bad actors to target any brand with complex, customizable phishing campaigns.
- Novel use of Headless Chrome and browser automation tool allows even non-technical criminals to quickly and easily clone any brand’s legitimate website and create a phishing version.
- The latest version of darcula-suite is expected to launch in mid-February.
-
Security Week ☛ PoC Exploit Published for Critical Ivanti EPM Vulnerabilities
Proof-of-concept (PoC) code and technical details on four critical-severity Ivanti EPM vulnerabilities are now available.
-
Security Week ☛ Mining Company NioCorp Loses $500,000 in BEC Hack
NioCorp Developments has informed the SEC that it lost $0.5 million after its systems were compromised.
-
Security Week ☛ US Military Health Provider HNFS Pays $11M in Settlement Over Cybersecurity Failures
US military health benefits program administrator HNFS to pay $11 million in settlement over its false claims of cybersecurity compliance.
-
Security Week ☛ Atlassian Patches Critical Vulnerabilities in Confluence, Crowd
Atlassian has released patches for 12 critical- and high-severity vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd, and Jira.
-
Linux Foundation
-
OpenSSF (Linux Foundation) ☛ Does the EU CRA affect my business?
The European Union’s Cyber Resilience Act (CRA) is a piece of legislation that covers all countries within the EU and the EEA and entered into force on 10th December 2024. It covers many types of devices and applications that are either sold or otherwise made commercially available on the European market and the intention behind it is to improve the cybersecurity of products available to consumers and businesses across Europe.
-
-
Confidentiality
-
Bruce Schneier ☛ Implementing Cryptography in AI Systems - Schneier on Security
-
-
Integrity/Availability/Authenticity
-
Silicon Angle ☛ New report warns of growing threat of mobile phishing targeting SMS and messaging apps
A new report out today from zLabs, the security research arm of mobile security platform provider Zimperium Inc., warns of a significant rise in mobile phishing, or “mishing,” as attackers increasingly target mobile devices with sophisticated social engineering techniques.
-
-
Windows TCO / Windows Bot Nets
-
Silicon Angle ☛ CISA and FBI warns Ghost ransomware is targeting critical infrastructure and businesses [Ed: Windows TCO mostly]
The U.S. Cybersecurity and Infrastructure Agency, along with the Federal Bureau of Investigation and the Multi-State Information Sharing and Analysis Center, has issued a joint advisory warning of the activities of Ghost ransomware, also known as Cring.
-
Security Week ☛ CISA, FBI Warn of China-Linked Ghost Ransomware Attacks
CISA and the FBI warn organizations of attacks employing the Ghost (Cring) ransomware, operated by Chinese hackers.
-
Security Week ☛ Chinese APT Tools Found in Ransomware Schemes, Blurring Attribution Lines
China-linked cyberespionage toolkits are popping up in ransomware attacks, forcing defenders to rethink how they combat state-backed hackers.
-
Cyble Inc ☛ AsyncRAT Attack: Null-AMSI Bypasses Security For Remote Access
Cyble Research and Intelligence Labs (CRIL) has uncovered a stealthy campaign that uses malicious LNK files disguised as seemingly innocent wallpapers to deliver AsyncRAT—an infamous remote access trojan (RAT).
This attack chain is designed to exploit various vulnerabilities, utilizing sophisticated techniques to evade detection and achieve persistence on the victim’s system. With advanced evasion methods like Null-AMSI, this campaign has the potential to bypass traditional security measures, posing a cyber risk to users worldwide.
-