Daily BlueTeamSec Briefing Archive - daily AI generated podcast of the last 24 hours of posts
  digicat@infosec.pub [M] · English · 1 month ago · pinned · briefing.workshop1.net · 0 comments · 2 upvotes, 1 downvote
Chasing an Angry Spark - "A VM-obfuscated backdoor observed on a single machine in the UK, operated for one year, and vanished without a trace."
  digicat@infosec.pub [M] · English · 10 hours ago · www.gendigital.com · 1 comment · 12 upvotes, 0 downvotes
The Mother of All AI Supply Chains: Critical, Systemic Vulnerability at the Core of Anthropic’s MCP - Anthropic design choice Exposes 150M+ Downloads and up to 200K Servers to complete takeover
  digicat@infosec.pub [M] · English · 10 hours ago · www.ox.security · 1 comment · 7 upvotes, 0 downvotes
From fake Proton VPN sites to gaming mods, this Windows infostealer is everywhere
  digicat@infosec.pub [M] · English · 10 hours ago · www.malwarebytes.com · 0 comments · 7 upvotes, 0 downvotes
Understanding security warnings when opening Remote Desktop (RDP) files
  digicat@infosec.pub [M] · English · 8 hours ago · learn.microsoft.com · 0 comments · 2 upvotes, 0 downvotes
“Tell Them They Are a Responsible Entity, Not a Customer”: Understanding Practitioner Challenges in Sector CSIRTs
  digicat@infosec.pub [M] · English · 7 hours ago · dl.acm.org · 0 comments · 1 upvote, 0 downvotes
NIST Updates NVD Operations to Address Record CVE Growth
  digicat@infosec.pub [M] · English · 11 hours ago · www.nist.gov · 0 comments · 5 upvotes, 0 downvotes
RedSun: Windows Defender realizes that a malicious file has a cloud tag and decides that it is a good idea to just rewrite the file it found again to its original location. The PoC abuses this behaviour
  digicat@infosec.pub [M] · English · 11 hours ago · github.com · 0 comments · 5 upvotes, 0 downvotes
QEMU abused to evade detection and enable ransomware delivery
  digicat@infosec.pub [M] · English · 8 hours ago · www.sophos.com · 0 comments · 1 upvote, 0 downvotes
Smoking out an affiliate: SmokedHam, Qilin, a few Google ads and some bossware
  digicat@infosec.pub [M] · English · 8 hours ago · www.orangecyberdefense.com · 0 comments · 1 upvote, 0 downvotes
When PUPs Grow Fangs: Dragon Boss Solutions' $10 Supply Chain Risk | Huntress
  digicat@infosec.pub [M] · English · 10 hours ago · www.huntress.com · 0 comments · 3 upvotes, 0 downvotes
Minister: Swedish heating plant targeted by pro-Russian cyberattack
  digicat@infosec.pub [M] · English · 8 hours ago · energywatch.com · 0 comments · 1 upvote, 0 downvotes
MCP Supply Chain Advisory: RCE Vulnerabilities Across the AI Ecosystem
  digicat@infosec.pub [M] · English · 10 hours ago · www.ox.security · 0 comments · 2 upvotes, 0 downvotes
nano-analyzer: A minimal LLM-powered zero-day vulnerability scanner
  digicat@infosec.pub [M] · English · 10 hours ago · github.com · 0 comments · 2 upvotes, 0 downvotes
Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise | Microsoft Security Blog
  digicat@infosec.pub [M] · English · 11 hours ago · www.microsoft.com · 0 comments · 2 upvotes, 0 downvotes · cross-posted to: [email protected]
BlueSAM: A Cobalt Strike Beacon Object File that exploits the BlueHammer vulnerability to obtain a copy of the SAM database.
  digicat@infosec.pub [M] · English · 11 hours ago · github.com · 0 comments · 3 upvotes, 1 downvote
wcfproxy: A proxy for net.tcp-based WCF traffic.
  digicat@infosec.pub [M] · English · 11 hours ago · github.com · 0 comments · 2 upvotes, 0 downvotes
BSIM explained once and for all! - Ghidra's Behavioral Similarity (BSIM)
  digicat@infosec.pub [M] · English · 11 hours ago · blog.quarkslab.com · 0 comments · 2 upvotes, 0 downvotes
kafel: A language and library for specifying syscall filtering policies.
  digicat@infosec.pub [M] · English · 11 hours ago · github.com · 0 comments · 2 upvotes, 0 downvotes