CTO at NCSC Summary: week ending March 22nd (ctoatncsc.substack.com) · pinned · digicat (M) · English · 4 days ago · 0 comments · 4 upvotes, 0 downvotes
Daily BlueTeamSec Briefing Archive - daily AI generated podcast of the last 24hours of posts (briefing.workshop1.net) · pinned · digicat (M) · English · 16 days ago · 0 comments · 2 upvotes, 1 downvote
Our investigation of the laptop farm identified that DPRK IT workers leverage Raspberry Pi-based KVM (Keyboard-Video-Mouse) devices to remotely access desktops and mesh VPN (6068438.fs1.hubspotusercontent-na1.net) · digicat (M) · English · 6 hours ago · 0 comments · 10 upvotes, 0 downvotes
TeamPCP Isn't Done: Threat Actor Behind Trivy and KICS Compromises Now Hits LiteLLM's 95 Million Monthly Downloads on PyPI (www.endorlabs.com) · digicat (M) · English · 8 hours ago · 0 comments · 3 upvotes, 0 downvotes
Who Runs Cl0p? Inside the Most Elusive Ransomware Operation in the World (rmoskovy.github.io) · digicat (M) · English · 7 hours ago · 0 comments · 1 upvote, 0 downvotes
APT-C-13 (Sandworm) RDP backdoor attack (mp.weixin.qq.com) · digicat (M) · English · 11 hours ago · 0 comments · 2 upvotes, 0 downvotes
FCC Updates Covered List to Include Foreign-Made Consumer Routers, Prohibiting Approval of New Models - "the FCC updated its Covered List to include all consumer-grade routers" (docs.fcc.gov) · digicat (M) · English · 22 hours ago · 1 comment · 6 upvotes, 0 downvotes
Russian Citizen Sentenced to Prison for Hacking into U.S. Companies and Enabling Major Cybercrime Groups to Extort Tens of Millions of Dollars (www.justice.gov) · digicat (M) · English · 20 hours ago · 0 comments · 4 upvotes, 0 downvotes
Firewall Rule BOF - Add, remove, or query Windows Firewall rules via the COM API (INetFwPolicy2) without spawning netsh.exe or cmd.exe. Useful for pivoting inside networks. (github.com) · digicat (M) · English · 20 hours ago · 0 comments · 4 upvotes, 0 downvotes
Brbbot: Full Malware Analysis & Reverse Engineering (7amthereaper.github.io) · digicat (M) · English · 20 hours ago · 0 comments · 3 upvotes, 0 downvotes
Add TVicPort64.sys - arbitrary physical memory mapping LPE (EnTech Taiwan, signed 2006t) (github.com) · digicat (M) · English · 20 hours ago · 0 comments · 2 upvotes, 0 downvotes
Active device code phishing campaign impersonating a popular cloud-based file storage service and two prominent electronic signature and document workflow platforms. (github.com) · digicat (M) · English · 20 hours ago · 0 comments · 2 upvotes, 0 downvotes
Business, logic, and chains: unauthenticated RCE in Dell Wyse Management Suite (swarm.ptsecurity.com) · digicat (M) · English · 20 hours ago · 0 comments · 2 upvotes, 0 downvotes
Vulnerabilities have been discovered in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) inc Race Condition leading to User Session Mixup (support.citrix.com) · digicat (M) · English · 20 hours ago · 0 comments · 2 upvotes, 0 downvotes
How a Tax Search Leads to Kernel-Mode AV/EDR Kill | Huntress (www.huntress.com) · digicat (M) · English · 22 hours ago · 0 comments · 1 upvote, 0 downvotes
KICS GitHub Action Compromised: TeamPCP Supply Chain Attack (www.wiz.io) · digicat (M) · English · 1 day ago · 0 comments · 2 upvotes, 0 downvotes
Bring Back RSS for Operational Security (www.foo.be) · digicat (M) · English · 2 days ago · 1 comment · 11 upvotes, 0 downvotes
CustomLoadImage: Stealthy .NET assembly loading using AssemblyNative::LoadFromBuffer (github.com) · digicat (M) · English · 1 day ago · 0 comments · 1 upvote, 0 downvotes
Most Organisations Reward the Wrong Kind of CISO (medium.com) · digicat (M) · English · 2 days ago · 0 comments · 4 upvotes, 0 downvotes
Demystifying Iranian Cyber Operations in the U.S.-Iran Conflict (www.csis.org) · digicat (M) · English · 2 days ago · 0 comments · 4 upvotes, 0 downvotes