7hour ago   Top 10 macOS Malware Discoveries in 2022 Alchimist/ChromeLoader/CloudMensis/CrateDepression/DazzleSpy/Gimmick/Lazarus ‘Operation In(ter)ception’/oRAT/Pymafka/VPN Trojan https://www.sentinelone.com/blog/top-10-macos-malware-discoveries-in-2022/ pdf: https://github.com/blackorbird/APT_REPORT/blob/master/summary/2022/top-10-macos-malware-discoveries-in-2022.pdf    #[email protected] #社交媒体 Top 10 macOS Malware Discoveries in 2022Alchimist/ChromeLoader/CloudMensis/CrateDepression/DazzleSpy/Gimmick/Lazarus ‘Operation In(ter)ception’/oRAT/Pymafka/VPN Trojansentinelone.com/blog/top-10-…pdf:github.com/blackorbird/APT_R…

12hour ago   Internet Explorer 0-day exploited by North Korean actor APT37 https://blog.google/threat-analysis-group/internet-explorer-0-day-exploited-by-north-korean-actor-apt37/ https://www.inews24.com/view/1534369 CVE-2022-41128: Type confusion in Internet Explorer's JScript9 engine https://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2022/CVE-2022-41128.html Sample https://github.com/blackorbird/APT_REPORT/tree/master/group123/IEexploit202212sample    #[email protected] #社交媒体 Internet Explorer 0-day exploited by North Korean actor APT37blog.google/threat-analysis-…inews24.com/view/1534369CVE-2022-41128: Type confusion in Internet Explorer's JScript9 enginegoogleprojectzero.github.io/…Samplegithub.com/blackorbird/APT_R…

13hour ago   Backdoor discovered in PLDT home fiber routers https://0xsp.com/security%20research%20%20development%20srd/backdoor-discovered-in-pldt-home-fiber-routers/    #[email protected] #社交媒体 Backdoor discovered in PLDT home fiber routers0xsp.com/security%20research…

yday 12:10   Fake account Phishing https://www.microsoft.com/en-us/security/blog/2022/12/06/dev-0139-launches-targeted-attacks-against-the-cryptocurrency-industry/    #[email protected] #社交媒体 Fake account Phishingmicrosoft.com/en-us/security…

dby 18:58   Ways to compare malware from APT groups + ChatGPT    #[email protected] #社交媒体 Ways to compare malware from APT groups + ChatGPT

2022-12-05 16:25   ChatGPT Threat hunting?    #[email protected] #社交媒体 ChatGPT Threat hunting?

2022-12-02 16:11   FINDING BEACONS IN THE DARK A Guide to Cyber Threat Intelligence #ThreatHunting https://github.com/blackorbird/APT_REPORT/blob/master/APT-hunting/hunting-cobaltstrike-beacons-in-the-dark.pdf    #[email protected] #社交媒体 FINDING BEACONS IN THE DARK A Guide to Cyber Threat Intelligence #ThreatHuntinggithub.com/blackorbird/APT_R…

2022-12-02 15:49   Analysis of APT-C-60 Attack on South Korea https://www.linkedin.com/pulse/analysis-apt-c-60-attack-south-korea-threatbook/    #[email protected] #社交媒体 Analysis of APT-C-60 Attack on South Korealinkedin.com/pulse/analysis-…

2022-12-02 11:48   #Spyware vendor Variston framework 1:Web framework for deploying an exploit for a Chrome renderer bug followed by a sandbox escape. 2:Web framework that deploys a PDF containing a Windows Defender exploit. 3:A set of Firefox exploits for Linux and Windows. https://blog.google/threat-analysis-group/new-details-on-commercial-spyware-vendor-variston/    #[email protected] #社交媒体 #Spyware vendor Variston framework1:Web framework for deploying an exploit for a Chrome renderer bug followed by a sandbox escape.2:Web framework that deploys a PDF containing a Windows Defender exploit.3:A set of Firefox exploits for Linux and Windows.blog.google/threat-analysis-…

2022-12-01 12:09   Microsoft Exchange ProxyNotShell Remote Code Execution Exploit https://packetstormsecurity.com/files/170066    #[email protected] #社交媒体 Microsoft Exchange ProxyNotShell Remote Code Execution Exploitpacketstormsecurity.com/file…

2022-11-29 11:00   Threat Hunting with VirusTotal https://blog.virustotal.com/2022/11/threat-hunting-with-virustotal.html https://github.com/blackorbird/APT_REPORT/blob/master/APT-hunting/Threat%20Hunting%20with%20VirusTotal.pdf    #[email protected] #社交媒体 Threat Hunting with VirusTotalblog.virustotal.com/2022/11/…github.com/blackorbird/APT_R…

2022-11-23 15:59   Boa web servers remain pervasive in the development of IoT devices. https://www.microsoft.com/en-us/security/blog/2022/11/22/vulnerable-sdk-components-lead-to-supply-chain-risks-in-iot-and-ot-environments/    #[email protected] #社交媒体 Boa web servers remain pervasive in the development of IoT devices.microsoft.com/en-us/security…

2022-11-22 12:05   New #botnet RobinBot Targets were multiple game-related assets, one of which was the target *.jonesdev.xyz(Sonar Anti Bot), an experimental anti-bot plugin for Minecraft servers.#DDos #exploit #Mirai #Gafgyt #Omni https://mp.weixin.qq.com/s/CQgBh46m3aU1ZDs503M8AQ https://mp-weixin-qq-com.translate.goog/s/CQgBh46m3aU1ZDs503M8AQ?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en&_x_tr_pto=wapp    #[email protected] #社交媒体 New #botnet RobinBot Targets were multiple game-related assets, one of which was the target *.jonesdev.xyz(Sonar Anti Bot), an experimental anti-bot plugin for Minecraft servers.#DDos #exploit #Mirai #Gafgyt #Omnimp.weixin.qq.com/s/CQgBh46m3…mp-weixin-qq-com.translate.g…

2022-11-20 16:05   THREAT HUNTING PLAYBOOK LEARN HOW TO EMBRACE A PROACTIVE SECURITY POSTURE https://github.com/blackorbird/APT_REPORT/blob/master/APT-hunting/THREAT%20HUNTING%20PLAYBOOK%20.pdf    #[email protected] #社交媒体 THREAT HUNTING PLAYBOOKLEARN HOW TO EMBRACE A PROACTIVE SECURITY POSTUREgithub.com/blackorbird/APT_R…

2022-11-16 14:34   #DTrack activity in Germany, Brazil, India, Italy, Mexico, Switzerland, Saudi Arabia, Turkey and the United States, indicating that DTrack is spreading into more parts of the world. #Lazarus https://securelist.com/dtrack-targeting-europe-latin-america/107798/    #[email protected] #社交媒体 #DTrack activity in Germany, Brazil, India, Italy, Mexico, Switzerland, Saudi Arabia, Turkey and the United States, indicating that DTrack is spreading into more parts of the world. #Lazarussecurelist.com/dtrack-target…