2023-09-21 | Hacker Trends

10 Posts

Cisco to Acquire Splunk, to Help Make Organizations More Secure and Resilient in an AI-Powered World

https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2023/m09/cisco-to-acquire-splunk-to-help-make-organizations-more-secure-and-resilient-in-an-ai-powered-world.html

8 Posts

APT_REPORT/International Strategic/China/TAG-74.pdf at master · blackorbird/APT_REPORT · GitHub

https://github.com/blackorbird/APT_REPORT/blob/master/International%20Strategic/China/TAG-74.pdf

6 Posts

SCUDO Hardened Allocator — Unofficial Internals Documentation | Team Trenchant

https://trenchant.io/scudo-hardened-allocator-unofficial-internals-documentation/

6 Posts

Chinese Spies Infected Dozens of Networks With Thumb Drive Malware | WIRED

https://www.wired.com/story/china-usb-sogu-malware/

5 Posts

Beware: Fake Exploit for WinRAR Vulnerability on GitHub Infects Users with Venom RAT

https://thehackernews.com/2023/09/beware-fake-exploit-for-winrar.html

5 Posts

MGM Resorts Computers Back Up After 10 Days as Analysts Eye Effects of Casino Cyberattacks - SecurityWeek

https://www.securityweek.com/mgm-resorts-computers-back-up-after-10-days-as-analysts-eye-effects-of-casino-cyberattacks/

5 Posts

Ukrainian Hacker Suspected to be Behind "Free Download Manager" Malware Attack

https://thehackernews.com/2023/09/ukrainian-hacker-suspected-to-be-behind.html

5 Posts

Researchers Raise Red Flag on P2PInfect Malware with 600x Activity Surge

https://thehackernews.com/2023/09/researchers-raise-red-flag-on-p2pinfect.html

5 Posts

We have successfully completed our migration to RAM-only VPN infrastructure - Blog | Mullvad VPN

https://mullvad.net/en/blog/2023/9/20/we-have-successfully-completed-our-migration-to-ram-only-vpn-infrastructure/

4 Posts

Cisco to Acquire Splunk for $28 Billion - SecurityWeek

https://www.securityweek.com/cisco-boosts-cybersecurity-capabilities-with-28-billion-splunk-acquisition/

4 Posts

Apple emergency updates fix 3 new zero-days exploited in attacks

https://www.bleepingcomputer.com/news/apple/apple-emergency-updates-fix-3-new-zero-days-exploited-in-attacks/

4 Posts

P2Pinfect botnet targets Redis and SSH services | SC Media

https://www.scmagazine.com/news/p2pinfect-botnet-targets-redis-and-ssh-services

4 Posts

Basecamp | Report #2107680 - AWS keys and user cookie leakage via uninitialized memory leak in outdated librsvg version in Basecamp | HackerOne

https://hackerone.com/reports/2107680

4 Posts

China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers

https://thehackernews.com/2023/09/china-accuses-us-of-decade-long-cyber.html

4 Posts

SANS Cyber Defense Initiative 2023 (December 11-16)

https://www.sans.org/u/1snX

4 Posts

Cyber Group 'Gold Melody' Selling Compromised Access to Ransomware Attackers

https://thehackernews.com/2023/09/cyber-group-gold-melody-selling.html

4 Posts

Mysterious 'Sandman' Threat Actor Targets Telecom Providers Across Three Continents

https://thehackernews.com/2023/09/mysterious-sandman-threat-actor-targets.html

4 Posts

Special Offer for Asia Pacific Students | SANS Online Training

https://www.sans.org/u/1sGv

3 Posts

Analysis file (MD5: 9A4569B1B426FF858D74F0375EBE3195) Malicious activity - Interactive analysis ANY.RUN

https://app.any.run/tasks/5351d819-f48e-4502-a315-6643b743182f/

3 Posts

The WebP 0day

https://blog.isosceles.com/the-webp-0day/

3 Posts

TransUnion Denies Breach After Hacker Publishes Allegedly Stolen Data - SecurityWeek

https://www.securityweek.com/transunion-denies-breach-after-hacker-publishes-allegedly-stolen-data/

3 Posts

Atlassian Security Updates Patch High-Severity Vulnerabilities - SecurityWeek

https://www.securityweek.com/atlassian-security-updates-patch-high-severity-vulnerabilities/

3 Posts

India's biggest tech centers named as cyber crime hotspots • The Register

https://go.theregister.com/feed/www.theregister.com/2023/09/21/india_cybercrime_trends_report/

3 Posts

Pro-Russia hacker group NoName launched a DDoS attack on Canadian airports causing severe disruptions

https://securityaffairs.com/151149/hacking/noname-ddos-attack-canadian-airports.html

3 Posts

Analysis Document2090.pdf.vbs (MD5: B073F7C42BF8B8211E442A15E1D25866) Malicious activity - Interactive analysis ANY.RUN

https://app.any.run/tasks/5b5352e3-32e8-47f9-9fd2-70a5882d63ab

3 Posts

Hidden dangers loom for subsea cables, the invisible infrastructure of the internet - Help Net Security

https://www.helpnetsecurity.com/2023/09/21/subsea-cable-resilience/

3 Posts

https://securityaffairs.com/151160/data-breach/space-and-defense-tech-maker-exail-technologies-exposes-database-access.html

3 Posts

Cisco to Acquire Splunk, to Help Make Organizations More Secure and Resilient in an AI-Powered World

APT_REPORT/International Strategic/China/TAG-74.pdf at master · blackorbird/APT_REPORT · GitHub

SCUDO Hardened Allocator — Unofficial Internals Documentation | Team Trenchant

Chinese Spies Infected Dozens of Networks With Thumb Drive Malware | WIRED

Beware: Fake Exploit for WinRAR Vulnerability on GitHub Infects Users with Venom RAT

MGM Resorts Computers Back Up After 10 Days as Analysts Eye Effects of Casino Cyberattacks - SecurityWeek

Ukrainian Hacker Suspected to be Behind "Free Download Manager" Malware Attack

Researchers Raise Red Flag on P2PInfect Malware with 600x Activity Surge

We have successfully completed our migration to RAM-only VPN infrastructure - Blog | Mullvad VPN

Cisco to Acquire Splunk for $28 Billion - SecurityWeek

Apple emergency updates fix 3 new zero-days exploited in attacks

P2Pinfect botnet targets Redis and SSH services | SC Media

Basecamp | Report #2107680 - AWS keys and user cookie leakage via uninitialized memory leak in outdated librsvg version in Basecamp | HackerOne

China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers

SANS Cyber Defense Initiative 2023 (December 11-16)

Cyber Group 'Gold Melody' Selling Compromised Access to Ransomware Attackers

Mysterious 'Sandman' Threat Actor Targets Telecom Providers Across Three Continents

Special Offer for Asia Pacific Students | SANS Online Training

Analysis file (MD5: 9A4569B1B426FF858D74F0375EBE3195) Malicious activity - Interactive analysis ANY.RUN

The WebP 0day

TransUnion Denies Breach After Hacker Publishes Allegedly Stolen Data - SecurityWeek

Atlassian Security Updates Patch High-Severity Vulnerabilities - SecurityWeek

India's biggest tech centers named as cyber crime hotspots • The Register

Pro-Russia hacker group NoName launched a DDoS attack on Canadian airports causing severe disruptions

Analysis Document2090.pdf.vbs (MD5: B073F7C42BF8B8211E442A15E1D25866) Malicious activity - Interactive analysis ANY.RUN

Hidden dangers loom for subsea cables, the invisible infrastructure of the internet - Help Net Security

https://securityaffairs.com/151160/data-breach/space-and-defense-tech-maker-exail-technologies-exposes-database-access.html

Car Cybersecurity Study Shows Drop in Critical Vulnerabilities Over Past Decade - SecurityWeek

Security Analyst Summit (SAS) – Phuket, Thailand October 25-28

Omron Patches PLC, Engineering Software Flaws Discovered During ICS Malware Analysis - SecurityWeek

GitHub passkeys generally available for passwordless sign-ins

Critical Infrastructure Organizations Warned of Snatch Ransomware Attacks - SecurityWeek

ARMv8 HW AES: To trust or not to trust?