Iranian hackers impersonate journalists in social engineering campaign
https://cyberscoop.com/iranian-hackers-impersonate-journalists-in-social-engineering-campaign
@cyberagents
https://cyberscoop.com/iranian-hackers-impersonate-journalists-in-social-engineering-campaign
@cyberagents
CyberScoop
Iranian hackers impersonate journalists in social engineering campaign
Members of a notorious Iranian hacking crew are using false personas to steal credentials and access victim cloud environments, per a new Mandiant report.
Iranian Cyberspies Hit Targets With New Backdoors
https://www.securityweek.com/iranian-cyberspies-target-governments-ngos-with-new-backdoors/
@cyberagents
https://www.securityweek.com/iranian-cyberspies-target-governments-ngos-with-new-backdoors/
@cyberagents
SecurityWeek
Iranian Cyberspies Hit Targets With New Backdoors
Iranian state-sponsored group APT42 is targeting NGOs, government, and intergovernmental organizations with two new backdoors.
Nmap 7.95 released: New OS and service detection signatures
https://www.helpnetsecurity.com/2024/05/10/nmap-7-95-released/
@cyberagents
https://www.helpnetsecurity.com/2024/05/10/nmap-7-95-released/
@cyberagents
Help Net Security
Nmap 7.95 released: New OS and service detection signatures - Help Net Security
Nmap is a free, open-source tool for network discovery and security auditing. It's valued by systems and network administrators for network inventory,
TP-Link fixes critical RCE bug in popular C5400X gaming router
https://www.bleepingcomputer.com/news/security/tp-link-fixes-critical-rce-bug-in-popular-c5400x-gaming-router/
@cyberagents
https://www.bleepingcomputer.com/news/security/tp-link-fixes-critical-rce-bug-in-popular-c5400x-gaming-router/
@cyberagents
BleepingComputer
TP-Link fixes critical RCE bug in popular C5400X gaming router
The TP-Link Archer C5400X gaming router is vulnerable to security flaws that could enable an unauthenticated, remote attacker to execute commands on the device.
CISA has added a critical flaw in Oracle WebLogic Server to its KEV catalog due to active exploitation.
https://thehackernews.com/2024/06/oracle-weblogic-server-os-command.html
This OS command injection vulnerability (CVE-2017-3506) could allow attackers to take control of affected servers.
@cyberagents
https://thehackernews.com/2024/06/oracle-weblogic-server-os-command.html
This OS command injection vulnerability (CVE-2017-3506) could allow attackers to take control of affected servers.
@cyberagents
Muhstik botnet malware is now exploits CVE-2023-33246 in Apache RocketMQ, targeting IoT devices and Linux servers for DDoS attacks and cryptomining.
https://thehackernews.com/2024/06/muhstik-botnet-exploiting-apache.html
@cyberagents
https://thehackernews.com/2024/06/muhstik-botnet-exploiting-apache.html
@cyberagents
New Linux malware is controlled through emojis sent from Discord
https://www.bleepingcomputer.com/news/security/new-linux-malware-is-controlled-through-emojis-sent-from-discord/
@cyberagents
https://www.bleepingcomputer.com/news/security/new-linux-malware-is-controlled-through-emojis-sent-from-discord/
@cyberagents
BleepingComputer
New Linux malware is controlled through emojis sent from Discord
A newly discovered Linux malware dubbed 'DISGOMOJI' uses the novel approach of utilizing emojis to execute commands on infected devices in attacks on government agencies in India.
Noodle RAT: Reviewing the Backdoor Used by Chinese-Speaking Groups
https://www.trendmicro.com/en_us/research/24/f/noodle-rat-reviewing-the-new-backdoor-used-by-chinese-speaking-g.html
@cyberagents
https://www.trendmicro.com/en_us/research/24/f/noodle-rat-reviewing-the-new-backdoor-used-by-chinese-speaking-g.html
@cyberagents
Trend Micro
Noodle RAT Reviewing the Backdoor Used by Chinese-Speaking Groups
This blog entry provides an analysis of the Noodle RAT backdoor, which is likely being used by multiple Chinese-speaking groups engaged in espionage and other types of cybercrime.
Espioage Alert: Five Eyes Chiefs Sound the Alarm on Chinese Spying!
http://osintdaily.blogspot.com/2024/06/espioage-alert-five-eyes-chiefs-sound.html
@cyberagents
http://osintdaily.blogspot.com/2024/06/espioage-alert-five-eyes-chiefs-sound.html
@cyberagents
Blogspot
Espioage Alert: Five Eyes Chiefs Sound the Alarm on Chinese Spying!
A blog about the 17 spy agencies comprising the US Intelligence Community
Operation Celestial Force employs mobile and desktop malware to target Indian entities
https://blog.talosintelligence.com/cosmic-leopard/
@cyberagents
https://blog.talosintelligence.com/cosmic-leopard/
@cyberagents
Cisco Talos Blog
Operation Celestial Force employs mobile and desktop malware to target Indian entities
Cisco Talos is disclosing a new malware campaign called “Operation Celestial Force” running since at least 2018. It is still active today, employing the use of GravityRAT, an Android-based malware, along with a Windows-based malware loader we track as “HeavyLift.”