  • My Weekly Roundup #152

    Cybersecurity Multi-factor Authentication In-The-Wild bypass methods Two-factor authentication (2FA) or multi-factor authentication (MFA) is a method to authenticate through a service that requires at least two proofs of recognition. PACMAN M1 chip attack defeats ‘the last line of… read more »
  • Is my iPhone hackable when turned off?

    Some days ago, a follower asked me for more information about an article announcing the possibility of hacking iPhones even when switched off. Actually, the situation is not that serious, but let’s take a step back. “slide to power off”… read more »
  • My Weekly Roundup #151

    Cybersecurity Microsoft disrupts Bohrium hackers’ spear-phishing operation The Microsoft Digital Crimes Unit (DCU) has disrupted a spear-phishing operation linked to an Iranian threat actor tracked as Bohrium that targeted customers in the U.S., Middle East, and India. SMSFactory Android Trojan… read more »
  • My Weekly Roundup #150

    Cybersecurity Operation Delilah: Unit 42 Helps INTERPOL Identify Nigerian Business Email Compromise Actor Today, INTERPOL and The Nigeria Police Force announced the arrest of a prominent business email compromise (BEC) actor who has been active since 2015. How This Shocking… read more »
  • My Weekly Roundup #149

    Cybersecurity ITG23 Crypters Highlight Cooperation Between Cybercriminal Groups IBM Security X-Force researchers have continually analyzed the use of several crypters developed by the cybercriminal group ITG23, also known as Wizard Spider, DEV-0193, or simply the “Trickbot Group”. InfoSec Handlers Diary… read more »
  • My Weekly Roundup #148

    Cybersecurity Harmful Help: Analyzing a Malicious Compiled HTML Help File Delivering Agent Tesla This blog describes an attack that Unit 42 observed utilizing malicious compiled HTML help files for the initial delivery. We will show how to analyze the malicious… read more »
  • My Weekly Roundup #147

    Cybersecurity Cobalt Strike Analysis and Tutorial: CS Metadata Encoding and Decoding Cobalt Strike is commercial threat emulation software that emulates a quiet, long-term embedded actor in a network. This actor, known as Beacon, communicates with an external team server to… read more »
  • Fleeting Moment of Truth

    Gather all worries related to pandemics, wars and personal problems, process them, obtain what could be a glimmer of hope for a better tomorrow and put it on the stave. Album cover “Fleeting Moment of Truth”, my new album, is… read more »
  • My Weekly Roundup #146

    Cybersecurity EmoCheck Tool 2.2 Supports and Detects New 64-bit Variants of Emotet Malware JPCERT/CC, Japan’s first CSIRT (Computer Security Incident Response Team), has released a new version of their open-source tool EmoCheck to identify new 64-bit variants of the Emotet… read more »
  • My Weekly Roundup #145

    Cybersecurity LemonDuck botnet plunders Docker cloud instances in cryptocurrency crime wave Operators of the LemonDuck botnet are targeting Docker instances in a cryptocurrency mining campaign. LemonDuck is cryptocurrency mining malware wrapped up in a botnet structure. Threat Assessment: BlackByte Ransomware… read more »
  • My Weekly Roundup #144

    Cybersecurity A DDoS attack took down Finnish govt sites as Ukraine’s President addresses MPs A massive DDoS attack took down Finnish government websites while Ukrainian President Zelenskyy addressed Finland’s members of parliament (MPs). On April 8, a denial-of-service attack took… read more »
  • The History of Electronic Music, part 3: Noises

    For several years now I have been interested in electronic music, so I have decided to publish a series of brief articles in which I try to describe what in my view are decisive steps in the evolution of this… read more »
  • My Weekly Roundup #143

    Cybersecurity Apple releases fixes for two zero-days affecting Macs, iPhones and iPads Apple published two notices on Thursday about two zero-day vulnerabilities affecting Macs, iPhones and iPads. Apple released fixes for CVE-2022-22675 and CVE-2022-22674, both of which were submitted by… read more »
  • Digital Forensics Tools: my own list

    Some time ago, I published a list of open source forensics tools. In this update, I’ve also included closed source and commercial products. Frameworks and Toolkits The Sleuth Kit The Sleuth Kit (TSK) is a library and collection of command… read more »
  • My Weekly Roundup #142

    Cybersecurity Okta on handling of Lapsus$ breach: ‘We made a mistake’… read more »
  • OSINT tools: my own list, updated

    Recently, some of my followers asked me for some updates on my list of OSINT tools, published some years ago. So, I collected a new list of tools, in order to enrich my previous post. E-mail and Credentials Email Lookup Retrieve… read more »
  • My Weekly Roundup #141

    Cybersecurity Browser In The Browser (BITB) Attack This article explores a phishing technique that simulates a browser window within the browser to spoof a legitimate domain. For security professionals, the URL is usually the most trusted aspect of a domain.… read more »
  • My Weekly Roundup #140

    Cybersecurity Rewriting Romance Victim History: Common Truths and Falsehoods Told by Society Over the years I have worked with many people who track romance scams. I’ve spoken to analysts, psychologists, police officers, federal law enforcement, and most painfully: the victims.… read more »
  • My Weekly Roundup #139

    Cybersecurity Fake News of Cyber Attacks Fast-Spreads, as Conflict between Russia and Ukraine Escalates One of the most active players in the cyberspace during the war in Ukraine are hacktivists that support either Russia or Ukraine for ideological reasons. Those… read more »
  • My Weekly Roundup #138

    Cybersecurity Threat Advisory: Cyclops Blink Cisco Talos is aware of the recent reporting around a new modular malware family, Cyclops Blink, that targets small and home office (SOHO) devices, similar to previously observed threats like VPNFilter. Ukraine calls for volunteer… read more »