Search cyberveille.decio.ch

Found 8 bookmarks

Custom sorting

Akira ransomware continues to evolve

As the Akira ransomware group continues to evolve its operations, Talos has the latest research on the group's attack chain, targeted verticals, and potential future TTPs.

#talosintelligence #EN #2024 #Akira #analysis #ransomware #group #TTPs

·blog.talosintelligence.com·Oct 26, 2024

Akira ransomware continues to evolve

OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser stack-based buffer overflow vulnerability

A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC _v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted EtherNet/IP request can lead to remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.

#talosintelligence #EN #2024 #vulnerability #report #OpenPLC #CVE-2024-34026

·talosintelligence.com·Sep 28, 2024

OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser stack-based buffer overflow vulnerability

Simple Mail Transfer Pirates: How threat actors are abusing third-party infrastructure to send spam

Many spammers have elected to attack web pages and mail servers of legitimate organizations, so they may use these “pirated” resources to send unsolicited email.

#talosintelligence #EN #2024 #spam #unsolicited #email #Techniques #hird-party #infrastructure

·blog.talosintelligence.com·Sep 27, 2024

Simple Mail Transfer Pirates: How threat actors are abusing third-party infrastructure to send spam

How multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing permissions

An adversary could exploit these vulnerabilities by injecting malicious libraries into Microsoft's applications to gain their entitlements and user-granted permissions.

#talosintelligence #EN #2024 #vulnerabilities #Microsoft #apps #macos #Outlook

·blog.talosintelligence.com·Aug 20, 2024

How multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing permissions

How do cryptocurrency drainer phishing scams work?

In recent months, a surge in cryptodrainer phishing attacks has been observed, targeting cryptocurrency holders with sophisticated schemes aimed at tricking them into divulging their valuable credentials.

#talosintelligence #EN #2024 #cryptodrainer #phishing #attacks #analysis

·blog.talosintelligence.com·Jul 11, 2024

How do cryptocurrency drainer phishing scams work?

LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader

Multiple TTPs utilized in this campaign bear some overlap with North Korean APT groups.

#talosintelligence #EN #2024 #TTP #LilacSquid #research

·blog.talosintelligence.com·May 30, 2024

LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader

ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices

ArcaneDoor is a campaign that is the latest example of state-sponsored actors targeting perimeter network devices from multiple vendors. Coveted by these actors, perimeter network devices are the perfect intrusion point for espionage-focused campaigns.

#talosintelligence #EN #2024 #ArcaneDoor #perimeter-network #CVE-2024-20353 #CVE-2024-20359

·blog.talosintelligence.com·Apr 26, 2024

ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices

GhostSec’s joint ransomware operation and evolution of their arsenal

Cisco Talos observed a surge in GhostSec, a hacking group’s malicious activities since this past year. GhostSec has evolved with a new GhostLocker 2.0 ransomware, a Golang variant of the GhostLocker ransomware.

#talosintelligence #EN #2024 #GhostSec #ransomware #GhostLocker

·blog.talosintelligence.com·Mar 13, 2024

GhostSec’s joint ransomware operation and evolution of their arsenal