What's new arround internet
Last one

Src Date (GMT) Titre Description Tags Stories Notes
RiskIQ.webp 2024-10-14 21:26:20 Faits saillants hebdomadaires, 14 octobre 2024
Weekly OSINT Highlights, 14 October 2024 (lien direct)		 ## Snapshot Last week\'s OSINT reporting highlights a complex landscape of cyber threats with a focus on APT groups, sophisticated malware, and exploitation of vulnerabilities. Many attacks are espionage-focused, with China-aligned groups like CeranaKeeper, Iran\'s Hazel Sandstorm, and Russia\'s Midnight Blizzard (SVR) leveraging spearphishing and vulnerability exploitation for intelligence gathering. Ransomware also remains a dominant attack type, with threat actors leveraging double extortion tactics to maximize pressure on victims. A surge in reporting on malware distribution was also observed, including Lua-based malware in the education sector and Pronsis Loader delivering Lumma Stealer. Additionally, multiple reports detail widespread campaigns leveraging phishing, malvertising, and cryptomining, with key targets being government institutions, financial services, and critical infrastructure. Attackers employ diverse techniques such as DNS tunneling, USB-based malware, and exploit known vulnerabilities like EternalBlue (CVE-2017-0144) and FortiOS (CVE-2024-23113). ## Description Last week\'s OSINT reporting highlights a complex landscape of cyber threats with a focus on APT groups, sophisticated malware, and exploitation of vulnerabilities. Many attacks are espionage-focused, with China-aligned groups like CeranaKeeper, Iran\'s Hazel Sandstorm, and Russia\'s Midnight Blizzard (SVR) leveraging spearphishing and vulnerability exploitation for intelligence gathering. Ransomware also remains a dominant attack type, with threat actors leveraging double extortion tactics to maximize pressure on victims. A surge in reporting on malware distribution was also observed, including Lua-based malware in the education sector and Pronsis Loader delivering Lumma Stealer. Additionally, multiple reports detail widespread campaigns leveraging phishing, malvertising, and cryptomining, with key targets being government institutions, financial services, and critical infrastructure. Attackers employ diverse techniques such as DNS tunneling, USB-based malware, and exploit known vulnerabilities like EternalBlue (CVE-2017-0144) and FortiOS (CVE-2024-23113).  1. [CeranaKeeper Targets Thai Government](https://sip.security.microsoft.com/intel-explorer/articles/b3aa72ef): ESET uncovered a new China-aligned APT, CeranaKeeper, targeting government institutions in Thailand, using unique tools for data exfiltration via cloud services. The group adapts its malware for stealth and has been mistakenly linked to Mustang Panda due to some shared methods. 2. [Largest DDoS Attack Mitigated](https://sip.security.microsoft.com/intel-explorer/articles/74f06d55): Cloudflare mitigated the largest publicly disclosed DDoS attack, peaking at 3.8 Tbps, which targeted financial services, internet, and telecom organizations globally. Akamai also identified a critical vulnerability in CUPS servers, potentially creating a new vector for DDoS amplification. 3. [Cuckoo Spear\'s Sophisticated Tools](https://sip.security.microsoft.com/intel-explorer/articles/d47fc595): Cybereason exposed the Cuckoo Spear campaign by APT10, using NOOPLDR and NOOPDOOR to conduct espionage against Japanese industries and governments. These advanced tools employ anti-detection techniques and facilitate network pivoting for exfiltration. 4. [Mamba 2FA Phishing Campaign](https://sip.security.microsoft.com/intel-explorer/articles/bfcb80ed): Sekoia identified a phishing campaign using Mamba 2FA, a PhaaS platform, to steal credentials and session cookies from Microsoft services. Attackers exploited MFA weaknesses and used Telegram bots for data exfiltration. 5. [Golden Jackal\'s Air-Gapped System Attacks](https://sip.security.microsoft.com/intel-explorer/articles/f0234a25): ESET researchers discovered Golden Jackal targeting European government organizations with tools designed to breach air-gapped systems. The group uses USB-based malware for espionage and data exfiltration. 6. [Awaken Likho Targets Russian Agencies](https://sip.security.microsoft.com/in Ransomware Malware Tool Vulnerability Threat Patching Industrial Medical Cloud APT 29 APT 10 GoldenJackal ★★
DarkReading.webp 2023-12-15 16:15:00 Émirats arabes unis à chair de la Banque mondiale \\ le groupe de travail sur le cloud computing
UAE to Chair World Bank\\'s Cloud Computing Working Group (lien direct)		 La Banque mondiale a reconnu les EAU pour son travail avec le secteur privé dans la mise en œuvre et la sécurisation des systèmes cloud.
The World Bank recognized UAE for its work with the private sector in implementing and securing cloud systems.		 Cloud GoldenJackal ★★
Last update at: 2025-05-10 18:53:10
See our sources.
My email:

To see everything: Our RSS (filtrered) Twitter