Search cyberveille.decio.ch

Found 5 bookmarks

Custom sorting

Inside the Open Directory of the “You Dun” Threat Group

Analysis of an open directory found a Chinese speaking threat actor’s toolkit and history of activity. The threat actor displayed extensive scanning and exploitation using WebLogicScan, Vulmap, and Xray, targeting organizations in South Korea, China, Thailand, Taiwan, and Iran. The Viper C2 framework was present as well as a Cobalt Strike kit which included TaoWu and Ladon extensions. * The Leaked LockBit 3 builder was used to create a LockBit payload with a custom ransom note that included reference to a Telegram group which we investigated further in the report.

#thedfirreport #EN #2024 #Analysis #open-directory #LockBit #operational #You-Dun #group #China #tools #scan

·thedfirreport.com·Oct 28, 2024

Inside the Open Directory of the “You Dun” Threat Group

A Mysterious Hacking Group Has 2 New Tools to Steal Data From Air-Gapped Machines | WIRED

It's hard enough creating one air-gap-jumping tool. Researchers say the group GoldenJackal did it twice in five years.

#wired #EN #2024 #GoldenJackal #Air-Gapped #steal #tools

·wired.com·Oct 13, 2024

A Mysterious Hacking Group Has 2 New Tools to Steal Data From Air-Gapped Machines | WIRED

New hacker group uses open-source tools to spy on entities in Asia-Pacific region

An operation labeled TAG-100 by Insikt Group researchers deploys two types of backdoor malware — SparkRAT and Pantegana — that have only been spotted in limited ways previously.

#therecord.media #EN #2024 #TAG-100 #SparkRAT #Pantegana #spy #open-source #tools

·therecord.media·Jul 19, 2024

New hacker group uses open-source tools to spy on entities in Asia-Pacific region

'Crude' ransomware tools proliferating on the dark web for cheap, researchers find

Cheap ransomware is being sold for one-time use on dark web forums, allowing inexperienced freelancers to get into cybercrime without any interaction with affiliates. Researchers at the intelligence unit at the cybersecurity firm Sophos found 19 ransomware varieties being offered for sale or advertised as under development on four forums from June 2023 to February 2024.

#therecord #EN #2024 #Crude #Sophos #ransomware #tools #DarkWeb

·therecord.media·Apr 20, 2024

'Crude' ransomware tools proliferating on the dark web for cheap, researchers find

New ‘Magic’ Gmail Security Uses AI And Is Here Now, Google Says

Google has confirmed a new security scheme which, it says, will help “secure, empower and advance our collective digital future” using AI. Part of this AI Cyber Defence Initiative includes open-sourcing the new, AI-powered, Magika tool that is already being used to help protect Gmail users from potentially problematic content.

#forbes #EN #2024 #google #Cyber-Defense #initiative #file-type #tools #AI

·forbes.com·Feb 17, 2024

New ‘Magic’ Gmail Security Uses AI And Is Here Now, Google Says