
Active Directory DNS Spoofing Exploit - thread

Akamai tool meant to be used by system administrators and blue teams to detect risky configurations

/nosanitize

akamai.com/blog/security-resea

To delve deeper into the technical details of the vulnerability, how to exploit it, and advanced mitigation strategies, please refer to the original research paper by Akamai (above).

In a recent revelation by Akamai security researchers, a chink in the armor of DNS security has been exposed.

This vulnerability, resulting from exploiting DHCP DNS Dynamic Updates, opens the door for attackers to engage in the deceptive art of DNS record spoofing.

Spoofing DNS Records by Abusing DHCP DNS Dynamic Updates

akamai.com/blog/security-resea

Unauthorized websites distributing trojanized versions of cracked software have been found to infect Apple macOS users with a new Trojan-Proxy malware.

securelist.com/trojan-proxy-fo

The macOS variants propagate under the guise of legitimate multimedia, image editing, data recovery, and productivity tools. This suggests that users searching for pirated software are the targets of the campaign.

The rogue versions are delivered in the form of .PKG installers.

Outlook Exploit

In a new report, Palo Alto Networks reveals that APT28, which has been linked to Russia’s General Staff Main Intelligence Directorate (GRU) military intelligence service, has been exploiting CVE-2023-23397 for the past 20 months to target at least 30 organizations within 14 nations.

unit42.paloaltonetworks.com/ru

The report comes only days after Microsoft updated its March advisory on the observed attacks to attribute the exploitation of CVE-2023-23397 to APT28.

microsoft.com/en-us/security/b

ESET researchers describe the growth of deceptive loan apps for Android and the techniques they use to circumvent Google Play.

“While these SpyLoan apps technically comply with the requirements of having a privacy policy, their practices clearly go beyond the scope of data collection necessary for providing financial services and complying with the KYC banking standards,” ESET explains.

welivesecurity.com/en/eset-res

The fucking Fancy Bears used hacking drones to do something, but we aren't quite sure what it is.

But we have since gotten ISO certified, so it will never happen again.

😆 humour

The fucking foreign assets used that one vulnerability we were going to patch next Tuesday to do something, but we aren't quite sure what it is.

But we have since sent one of our guys to Defcon, so it will never happen again.

whythefuckwasibreached.com/

Google has recently introduced a new multilingual text vectorizer called RETVec (an acronym for Resilient and Efficient Text Vectorizer) to aid identification of potentially malicious content like spam and fraudulent emails in Gmail.

security.googleblog.com/2023/1

RETVec is a next-gen text vectorizer designed to be efficient, multilingual, and provide built-in adversarial resilience using robust word embeddings trained with similarity learning.

Read the paper here:

arxiv.org/abs/2302.09207

In an international collaboration, law enforcement agencies successfully arrested hackers behind high-profile ransomware attacks on 71 countries.

International investigators from the following countries assisted Ukrainian police:

Norway
France
Germany
The US

Amid Russia’s military aggression, the following law enforcement agencies united to dismantle the Ukraine-based ransomware operations:

Global law enforcement
Europol
Eurojust

europol.europa.eu/media-press/

Plex, the streaming service/self-hosted media server, is leaking users’ viewing histories to one another, including porn, because of a new feature.

"I can see that one of my friends is apparently watching a ton of cheesy, soft porn stuff," a user said.

Sidenote: the new feature is opt-out, so if you use Plex you need to switch the setting off.

404media.co/plex-users-fear-di

icydk

The IOC Radar service provides you with IoCs about threat actors, malware and attackers. The data is enriched by SOCRadar artificial intelligence algorithms.

socradar.io/labs/ioc-radar/

erm.....wut

Idaho National Laboratory >> one of the largest nuclear labs in the US, confirmed this week that it has been hacked. The group behind the data breach was self-described "gay furry hackers" Sieged Security aka SiegedSec, who have demanded the INL put its efforts and resources into creating................................. real-life catgirls.

yes real life catgirls

"woah so much crunchy data :3" SiegedSec wrote on their Telegram account.

Attack on direct debit provider London & Zurich leaves customers with 6-figure backlogs

Customers complain of poor comms during huge outage that’s sparked payroll fears

theregister.com/2023/11/23/ran

The forum post also clarifies that each key can be used twice, so that cookie restoration can work only one time.

It is worth mentioning that another stealer, Rhadamanthys, announced a similar capability in a recent update, increasing the likelihood that malware authors discovered an exploitable security gap.

The Lumma information-stealer malware (aka 'LummaC2') is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies, which can be used to hijack Google accounts.

Restoring these cookies would allow Lumma operators to gain unauthorized access to any Google account even after the legitimate owner has logged out of their account or their session has expired.

In an interesting new development, AMOS is now being delivered to Mac users via a fake browser update chain tracked as ‘ClearFake’.

ClearFake is a newer malware campaign that leverages compromised websites to distribute fake browser updates. It was originally discovered by Randy McEoin in August and has since gone through a number of upgrades,

rmceoin.github.io/malware-anal

including the use of smart contracts to build its redirect mechanism.

krebsonsecurity.com/2023/10/th

MOVEit victim count latest: 2.6K+ orgs hit, 77M+ people's data stolen

Real-life impact of buggy software laid bare – plus: Avast tries to profit from being caught up in attacks

theregister.com/2023/11/20/mov

As expected, users aren't too happy with Avast's "shameless marketing tactics" and took to a web forum to voice their complaints.

forum.avast.com/index.php

The Ukrainian NDSC says that the observed campaign from APT29 stands out because it mixes old and new techniques.

The report from the Ukrainian agency provides a set of indicators of compromise (IoCs) consisting of filenames and corresponding hashes for PowerShell scripts and an email file, along with domains and email addresses.

Russian cyber espionage actors affiliated with the Federal Security Service (FSB) have been observed using a USB propagating worm called LitterDrifter in attacks targeting Ukrainian entities.

The LitterDrifter worm packs in two main features: automatically spreading the malware via connected USB drives as well as communicating with the threat actor's command-and-control (C&C) servers.

research.checkpoint.com/2023/m
