Technical

Pegasus vs. Predator: Dissident’s Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware
https://citizenlab.ca/2021/12/pegasus-vs-predator-dissidents-doubly-infected-iphone-reveals-cytrox-mercenary-spyware/

For you only: scammers invent new targeted tools to amplify fraud schemes
https://www.group-ib.com/media/target-links-2021/

Honeypot experiment reveals what hackers want from IoT devices
https://www.bleepingcomputer.com/news/security/honeypot-experiment-reveals-what-hackers-want-from-iot-devices/
https://arxiv.org/pdf/2112.10974.pdf

NotLegit: Azure App Service vulnerability exposed hundreds of source code repositories
https://blog.wiz.io/azure-app-service-source-code-leak/

MS Teams: 1 feature, 4 vulnerabilities
https://positive.security/blog/ms-teams-1-feature-4-vulns

Malicious App Targets Major Brazilian Bank Itaú Unibanco
https://blog.cyble.com/2021/12/23/malicious-app-targets-major-brazilian-bank-itau-unibanco/

Improve kernel security with the new Microsoft Vulnerable and Malicious Driver Reporting Center
https://www.microsoft.com/security/blog/2021/12/08/improve-kernel-security-with-the-new-microsoft-vulnerable-and-malicious-driver-reporting-center/

Elastic Security uncovers BLISTER malware campaign
https://www.elastic.co/de/blog/elastic-security-uncovers-blister-malware-campaign

Avos Locker remotely accesses boxes, even running in Safe Mode
https://news.sophos.com/en-us/2021/12/22/avos-locker-remotely-accesses-boxes-even-running-in-safe-mode/

New Rook Ransomware Feeds Off the Code of Babuk
https://www.sentinelone.com/labs/new-rook-ransomware-feeds-off-the-code-of-babuk/

Redline Stealer Targeting Accounts Saved to Web Browser with Automatic Login Feature Included
https://asec.ahnlab.com/en/29885/

Strategically Aged Domain Detection: Capture APT Attacks With DNS Traffic Trends
https://unit42.paloaltonetworks.com/strategically-aged-domain-detection/

New ways to phish found by academic researchers
https://blog.avast.com/discovering-new-ways-to-phish-avast
https://catching-transparent-phish.github.io/catching_transparent_phish.pdf

Firmware attack can drop persistent malware in hidden SSD area
https://www.bleepingcomputer.com/news/security/firmware-attack-can-drop-persistent-malware-in-hidden-ssd-area/

Malicious Telegram Installer Drops Purple Fox Rootkit
https://blog.minerva-labs.com/malicious-telegram-installer-drops-purple-fox-rootkit

A New Web Skimmer Campaign Targets Real Estate Websites Through Attacking Cloud Video Distribution Supply Chain
https://unit42.paloaltonetworks.com/web-skimmer-video-distribution/

Night Sky is the latest ransomware targeting corporate networks
https://www.bleepingcomputer.com/news/security/night-sky-is-the-latest-ransomware-targeting-corporate-networks/

Can You Trust a File’s Digital Signature? New Zloader Campaign exploits Microsoft’s Signature Verification putting users at risk
https://research.checkpoint.com/2022/can-you-trust-a-files-digital-signature-new-zloader-campaign-exploits-microsofts-signature-verification-putting-users-at-risk/

Persistence without “Persistence”: Meet The Ultimate Persistence Bug – “NoReboot”
https://blog.zecops.com/research/persistence-without-persistence-meet-the-ultimate-persistence-bug-noreboot/

FluBot’s Authors Employ Creative and Sophisticated Techniques to Achieve Their Goals in Version 5.0 and Beyond
https://www.f5.com/labs/articles/threat-intelligence/flubots-authors-employ-creative-and-sophisticated-techniques-to-achieve-their-goals-in-version-50-and-beyond