Technical

Asyn · 2021-12-20T08:36:00.000Z

Karakurt rises from its lair
https://www.accenture.com/us-en/blogs/cyber-defense/karakurt-threat-mitigation

Asyn · 2021-12-20T11:57:36.000Z

Avast Finds Backdoor on US Government Commission Network
https://decoded.avast.io/threatintel/avast-finds-backdoor-on-us-government-commission-network/

Asyn · 2021-12-21T09:02:19.000Z

TinyNuke Banking Malware Targets French Entities
https://www.proofpoint.com/us/blog/threat-insight/tinynuke-banking-malware-targets-french-entities

Asyn · 2021-12-21T11:13:28.000Z

A closer look at Qakbot’s latest building blocks (and how to knock them down)
https://www.microsoft.com/security/blog/2021/12/09/a-closer-look-at-qakbots-latest-building-blocks-and-how-to-knock-them-down/

Asyn · 2021-12-22T08:49:31.000Z

Phishing Campaign Targeting Korean to Deliver Agent Tesla New Variant
https://www.fortinet.com/blog/threat-research/phishing-campaign-targeting-korean-to-deliver-agent-tesla-new-variant

Asyn · 2021-12-22T11:02:00.000Z

Bugs in billions of WiFi, Bluetooth chips allow password, data theft
https://www.bleepingcomputer.com/news/security/bugs-in-billions-of-wifi-bluetooth-chips-allow-password-data-theft/
https://arxiv.org/pdf/2112.05719.pdf

bob3160 · 2021-12-22T13:15:30.000Z

Asyn post:3766:

Bugs in billions of WiFi, Bluetooth chips allow password, data theft
https://www.bleepingcomputer.com/news/security/bugs-in-billions-of-wifi-bluetooth-chips-allow-password-data-theft/
https://arxiv.org/pdf/2112.05719.pdf

Also covered here, https://youtu.be/AKUHgwwPi3I

Asyn · 2021-12-23T08:53:02.000Z

Driver-Based Attacks: Past and Present
https://www.rapid7.com/blog/post/2021/12/13/driver-based-attacks-past-and-present/

Asyn · 2021-12-23T15:14:08.000Z

Espionage Campaign Targets Telecoms Organizations across Middle East and Asia
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/espionage-campaign-telecoms-asia-middle-east

Asyn · 2021-12-24T10:29:31.000Z

Catching malware red-handed: Behavioral threat fingerprinting
https://blog.avast.com/behavioral-threat-fingerprinting-avast

Asyn · 2021-12-25T10:15:01.000Z

Owowa: the add-on that turns your OWA into a credential stealer and remote access panel
https://securelist.com/owowa-credential-stealer-and-remote-access/105219/

Asyn · 2021-12-25T11:36:19.000Z

Magecart Skimmers Are Alive and Well – Constant Vigilance Is Required
https://www.akamai.com/blog/security/magecart-skimmers-are-alive-and-well-constant-vigilance-is-required

Asyn · 2021-12-25T13:12:41.000Z

Log4j Vulnerability: Attackers Shift Focus From LDAP to RMI
https://blogs.juniper.net/en-us/threat-research/log4j-vulnerability-attackers-shift-focus-from-ldap-to-rmi

Asyn · 2021-12-26T10:07:25.000Z

Large-scale phishing study shows who bites the bait more often
https://www.bleepingcomputer.com/news/security/large-scale-phishing-study-shows-who-bites-the-bait-more-often/
http://arxiv.org/pdf/2112.07498.pdf

Asyn · 2021-12-27T08:11:11.000Z

A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution
https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html

Asyn · 2021-12-27T10:10:16.000Z

DarkWatchman: A new evolution in fileless techniques.
https://www.prevailion.com/darkwatchman-new-fileness-techniques/

Asyn · 2021-12-27T12:24:30.000Z

How does your location affect your online privacy?
https://blog.avast.com/location-and-online-privacy-avast

Asyn · 2021-12-28T08:39:09.000Z

Phorpiex botnet returns with new tricks making it harder to disrupt
https://www.bleepingcomputer.com/news/security/phorpiex-botnet-returns-with-new-tricks-making-it-harder-to-disrupt/

Asyn · 2021-12-28T12:28:11.000Z

Understanding the Impact of Apache Log4j Vulnerability
https://security.googleblog.com/2021/12/understanding-impact-of-apache-log4j.html

bob3160 · 2021-12-28T12:35:07.000Z

Countering disinformation requires a more coordinated approach.
https://blog.avast.com/countering-disinformation-report-avast

Announcements