

2022-11-29 02:00   The most effective CNAPP leverages agentless and agent-based security    #lacework #threat-intelligence I’ve said it before and I’ll say it again – cloud security is hard. Most organizations are adopting the cloud and accelerating their pace of delivery, leading to security teams struggling to keep up with the dynamic (almost chaotic) landscape. It’s not enough to rely on a single layer of security wh

2022-11-29 01:26   Always Another Secret: Lifting the Haze on China-nexus Espionage in Southeast Asia    #alienvault #threat-intelligence Mandiant Managed Defense recently identified cyber espionage activity that heavily leverages USB devices as an initial infection vector and concentrates on the Philippines. Mandiant tracks this activity as UNC4191. UNC4191 operations have affected a range of public and private sector entities primar

2022-11-29 00:49   Wiki Ransomware Being Distributed in Korea    #alienvault #threat-intelligence Wiki ransomware is a variant of Crysis, which encrypts files and demands a ransom of £1,000 ($2,500). Crysis types of ransomware are usually distributed through RDP, so elaborate screening for RDP connection environments is advised. Moreover, as this Wiki ransomware is distributed in disguise as a

2022-11-28 23:23   RansomBoggs: New ransomware targeting Ukraine    #welivesecurity(ESET) #threat-intelligence ESET researchers spot a new ransomware campaign that goes after Ukrainian organizations and has Sandworm's fingerprints all over it

2022-11-28 22:37   Malicious Life Podcast: Jailbreaking Tractors    #cybereason #threat-intelligence John Deere, an American agricultural machinery manufacturer, has recently enraged many farmers and digital rights activists due to the restrictive fixing policy of its tractors. Now, an Australian white hat hacker named Sick Codes has demonstrated not only how he was able to jailbreak the comp

2022-11-28 22:00   Best of both for CSPM: Lacework & AWS Security Hub    #lacework #threat-intelligence Cloud security posture is an important part of any organization’s security practice. By understanding your assets and attack surface, you have a better opportunity to identify, detect, and respond to risks before they become a major issue. The problem is that security teams typically struggle

2022-11-28 21:10   28th November – Threat Intelligence Report    #checkpoint #threat-intelligence For the latest discoveries in cyber research for the week of 28th November, please download our Threat Intelligence Bulletin. Top Attacks and Breaches The European Parliament website has been attacked following a vote declaring Russia a state sponsor of terrorism. The pro-Russian hacktivist groups A

2022-11-28 21:00   WhisperGate Wiper: Watch This Threat Get Silenced by BlackBerry (Video)    #blackberry #threat-intelligence At first glance WhisperGate Wiper appears to be a typical ransomware. However, its purpose isn't financial gain, but data corruption and operational disruption. Watch as WhisperGate tries to infect a system running CylanceOPTICS® and CylancePROTECT®.

2022-11-28 19:48   REvil    #DarkFeed #threat-intelligence Sunknowledge Services

2022-11-28 17:35   Punisher Ransomware Spreading Through Fake COVID Site    #alienvault #threat-intelligence A look at the Punisher Ransomware strain, which targets the Windows operating system and demands the equivalent of USD 1000 in Bitcoin for decrypting files, as well as a new variant of the malware. The threat actor was spreading the ransomware using a COVID-19 theme-based phishing website.

2022-11-28 17:32   The videoconference vulnerabilities    #telsy #threat-intelligence As for business meetings or for hearing the family from all corners of the world, many people use video conferencing to connect with others and will likely continue to do so as global digitization advances. With millions of people around the world working from home, videoconferencing is quickly esta

2022-11-28 17:24   Emotet Strikes Again - Lnk File Leads to Domain Wide Ransomware    #alienvault #threat-intelligence The report describes a campaign in June of 2022 where the threat actor gained access to an environment via Emotet and operated over an eight-day period. During this time period, multiple rounds of enumeration and lateral movement occurred using Cobalt Strike. Remote access tools were used for comman

2022-11-28 17:07   BlackCat (ALPHV)    #DarkFeed #threat-intelligence Vision Technologies

2022-11-28 15:47   Lockbit    #DarkFeed #threat-intelligence Bankseta

2022-11-28 15:45   Vice Society    #DarkFeed #threat-intelligence IKEA Morocco/Kuwait