🚨 LogoFAIL: Critical vulnerabilities in UEFI Code from multiple firmware/BIOS vendors can be exploited by threat actors to bypass security technologies and deliver a malicious payload.
U.S. Treasury's OFAC sanctions North Korea-linked prolific #hacking group Kimsuky and 8 foreign-based agents for gathering intelligence and processing stolen assets.
⚠️ CACTUS #ransomware campaign has been observed exploiting vulnerabilities in the Qlik Sense cloud analytics and business intelligence platform for initial access to targeted environments.
I really like #mastodon and ethos around here so much better than the ‘other’ site(s), BUT….. the engagement and interactions are SO much less. What am I missing and are there some tips and tricks I should be using to turn that experience around?
Here are a few hashtags for visibility on the things I most often comment on and talk about.
#Lazarus Group's evolving cyber tactics target #macOS systems by combining elements from multiple #malware campaigns (like RustBucket and KANDYKORN) for better effectiveness and to avoid detection.
Researchers found a Rust version of SysJoker, a cross-platform backdoor used by Hamas-affiliated threat actor targeting Israel during ongoing conflict.
🚨 Critical Security Alert: Threat actors, including #LockBit#ransomware affiliates, exploit the Citrix NetScaler flaw ("Citrix Bleed") to hijack user sessions and gain unauthorized access.