campuscodi

@campuscodi@mastodon.social

Cybersecurity reporter for Risky Business

#infosec #cybersecurity #security

campuscodi, to random

A team of Chinese academics has discovered a security flaw in the design of RISC-V SonicBOOM processors: https://www.nwpu.edu.cn/info/1198/86148.htm

Technical details are available here:

https://mp.weixin.qq.com/s/ke8tBpJ7NpvUEAecov--UQ

campuscodi, to random

Positive Technologies has published a report on ExCobalt, a former cybercrime group that is now conducting cyber-espionage operations against Russian targets. The group's latest attacks involved the use of a Go-based backdoor named GoRed.

https://www.ptsecurity.com/ru-ru/research/pt-esc-threat-intelligence/preview/ex-cobalt-go-red-tehnika-skrytogo-tunnelya/

ExCobalt appears to be related to an APT that Rostelecom tracks as Shedding Zmiy.

https://rt-solar.ru/solar-4rays/blog/4333/

campuscodi, to random

According to reports from the New York Times and Haaretz, the Israel Ministry of Diaspora Affairs paid a private company named STOIC $2 million for a social media influence campaign that targeted US politicians. (1/2)

https://www.nytimes.com/2024/06/05/technology/israel-campaign-gaza-social-media.html

campuscodi,

(2/2)

The campaign launched a month after the Hamas October 7 attack and targeted at least 128 members of the US Congress. According to disinformation experts, social media accounts controlled by STOIC targeted US lawmakers with pro-Israeli propaganda and anti-Arab views. STOIC's campaign was also spotted and disrupted by Meta and OpenAI earlier this month.

PDF: https://fakereporter.net/pdf/pro-Israeli_influence_network-new_findings-0624.pdf

campuscodi, to random

Privacy organization noyb has asked data protection agencies in 11 EU countries to investigate Meta for its plan to use Facebook user data to train its AI

https://noyb.eu/en/noyb-urges-11-dpas-immediately-stop-metas-abuse-personal-data-ai

campuscodi, to random

The Daixin ransomware team claims to have breached the Dubai municipal government

https://databreaches.net/2024/06/05/daixin-team-claims-to-have-breached-the-dubai-municipality/

campuscodi, to random

BI.ZONE's report on the Sapphire Werewolf APT is now available in English:

https://bi-zone.medium.com/sapphire-werewolf-polishes-amethyst-stealer-to-attack-over-300-companies-b547e8b76109

campuscodi, to random

South Korean security firm AhnLab has spotted a spear-phishing campaign that tries to bypass security defenses by asking users to copy-paste malicious PowerShell commands in their Windows Run prompt.

https://asec.ahnlab.com/en/66300/

campuscodi, to random

A Chinese cybercrime group is targeting websites built using the ThinkPHP framework in attacks designed to install a new web shell named Dama.

The attacks exploit two old 2018 and 2019 vulnerabilities in the framework, mostly used by Chinese-speaking developers.

Akamai says the attacks started last October and are ongoing.

The company couldn't say what the final payload was (i.e., cryptomining, proxy bot, DDoS, etc.).

https://www.akamai.com/blog/security-research/2024/jun/2024-thinkphp-applications-exploit-1-days-dama-webshell

campuscodi, to random

Attacks using CVE-2024-4358 have been observed against Progress Telerik Report Servers

https://mastodon.social/@shadowserver@infosec.exchange/112568641147622840

Attacks began after PoC was published online earlier this week: https://summoning.team/blog/progress-report-server-rce-cve-2024-4358-cve-2024-1800/

campuscodi, to random

Cisco has rolled out patches for the Webex application to fix a bug that allowed unauthorized access to Webex meetings and metadata information.

The company says the bugs were exploited by security researchers at the end of May.

Cisco is notifying customers who had their data collected during the research.

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-june-2024

campuscodi, to random

Eugenio Benincasa, a Cyber Defense Researcher at the Technical University of Zurich (ETH Zurich), has published a 74-page paper on the connections between China's hacking contests and bug bounty platforms and the country's offensive cyber capabilities.

PDF: https://css.ethz.ch/content/dam/ethz/special-interest/gess/cis/center-for-securities-studies/pdfs/CyberDefenseReport_%20From%20Vegas%20to%20Chengdu.pdf

campuscodi, to random

Newsletter: https://news.risky.biz/risky-biz-news-the-linux-cna-mess/
Podcast: https://risky.biz/RB297a/

-The Linux CNA mess you didn't know about
-TikTok zero-day used to hack high-profile accounts
-New APT targets China
-Hungary's ruling party boycotts Russian hack investigation
-Australian rare-earth mining company hit by ransomware attack
-GrapheneOS adds duress password
-Denmark raises cyber threat level
-White House to harmonize cybersecurity regulations
-Russia ramps up Olympics disinfo
-Azure firewall bypass discovered

campuscodi,

Plus:

-APT reports on APT28, APT29, UAC-0900
-Malware reports on DarkGate, PikaBot, Vidar
-New V3B PhaaS
-QNAP changes default passwords on its NASs
-Google to track Drive API changes now to fight abuse
-noyb files complaint against Microsoft 365 Education
-Microsoft removes local account install support on Win11
-Data broker execs convicted
-Android security updates
-Zyxel removes "NsaRescueAngel" backdoor account (lol)
-OpenSSL security audit
-ClangOver attack on ML-KEM
-OffensiveCon24 videos

campuscodi, to random

The Android red team has a blog:

https://androidoffsec.withgoogle.com

campuscodi, to random

Talks from the OffensiveCon24 security conference, which took place at the start of May in Berlin, are available on YouTube:

https://www.youtube.com/playlist?list=PLYvhPWR_XYJlg1SfcKdZY6eXUTPPqnh_G

campuscodi, to random

Security researcher Alexander Hagenah has released TotalRecall, a tool that extracts and displays data from the Recall feature in Windows 11.

https://github.com/xaitax/TotalRecall

campuscodi, to random

The Bian Lian ransomware gang has taken credit for a ransomware attack on Northern Minerals, one of Australia's largest rare-earth mining companies.

Northern Minerals has confirmed the incident in a filing with the Australian Securities Exchange.

PDF: https://cdn-api.markitdigital.com/apiman-gateway/ASX/asx-research/1.0/file/2924-02814126-6A1210386

Coverage: https://www.cyberdaily.au/security/10662-exclusive-aussie-rare-earth-metals-producer-northern-minerals-confirms-ransomware-attack

campuscodi, to random

From this report: https://mastodon.social/@ravirockks@infosec.exchange/112555805013166419

"Including any given PHP library has a greater than 50% chance of bringing a security flaw along with it."

kek 😆

campuscodi,

Just look at this chart!

What are we doing JS developers?

How tf do you have 1,400 dependencies in a project?

Do we actually code anymore or we just playing with legos at this point?

campuscodi, to random

A cyber attack has forced three major UK hospitals to cancel operations and redirect emergency patients to other nearby care facilities.

According to Metro, the incident has impacted transplant surgeries and blood transfusion centers.

https://metro.co.uk/2024/06/04/cyber-attack-forces-three-major-hospitals-cancel-operations-20968948/

campuscodi,

@ku glad to hear it! Wishing her a speedy recovery!
