Technical

Asyn · 2022-05-03T09:34:45.000Z

This isn’t Optimus Prime’s Bumblebee but it’s Still Transforming
https://www.proofpoint.com/us/blog/threat-insight/bumblebee-is-still-transforming

Asyn · 2022-05-04T07:59:10.000Z

Package Planting: Are You [Unknowingly] Maintaining Poisoned Packages?
https://blog.aquasec.com/npm-package-planting

Asyn · 2022-05-04T09:52:06.000Z

Facing reality? Law enforcement and the challenge of deepfakes
https://www.europol.europa.eu/publications-events/publications/facing-reality-law-enforcement-and-challenge-of-deepfakes
https://www.europol.europa.eu/cms/sites/default/files/documents/Europol_Innovation_Lab_Facing_Reality_Law_Enforcement_And_The_Challenge_Of_Deepfakes.pdf

Asyn · 2022-05-04T12:12:51.000Z

Trello From the Other Side: Tracking APT29 Phishing Campaigns
https://www.mandiant.com/resources/tracking-apt29-phishing-campaigns

Asyn · 2022-05-04T15:31:16.000Z

India Orders VPN Companies to Collect and Hand Over User Data
https://www.cnet.com/news/privacy/india-orders-vpn-companies-to-collect-and-hand-over-user-data/

Asyn · 2022-05-05T08:01:16.000Z

Moshen Dragon’s Triad-and-Error Approach | Abusing Security Software to Sideload PlugX and ShadowPad
https://www.sentinelone.com/labs/moshen-dragons-triad-and-error-approach-abusing-security-software-to-sideload-plugx-and-shadowpad/

Asyn · 2022-05-05T13:39:14.000Z

Conti, REvil, LockBit ransomware bugs exploited to block encryption
https://www.bleepingcomputer.com/news/security/conti-revil-lockbit-ransomware-bugs-exploited-to-block-encryption/

Asyn · 2022-05-06T08:29:39.000Z

Avast Q1/2022 Threat Report
https://decoded.avast.io/threatresearch/avast-q1-2022-threat-report/

Asyn · 2022-05-06T11:20:18.000Z

Augury - Using Data Memory-Dependent Prefetchers to Leak Data at Rest
https://www.prefetchers.info/
https://www.prefetchers.info/augury.pdf

bob3160 · 2022-05-06T12:52:56.000Z

Asyn post:4068:

Avast Q1/2022 Threat Report
https://decoded.avast.io/threatresearch/avast-q1-2022-threat-report/

Thanks for sharing.

Asyn · 2022-05-07T08:12:05.000Z

Update on cyber activity in Eastern Europe
https://blog.google/threat-analysis-group/update-on-cyber-activity-in-eastern-europe/

Asyn · 2022-05-07T11:49:03.000Z

UNC3524: Eye Spy on Your Email
https://www.mandiant.com/resources/unc3524-eye-spy-email

Asyn · 2022-05-08T08:38:55.000Z

The Hermit Kingdom’s Ransomware play
https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/the-hermit-kingdoms-ransomware-play.html

Asyn · 2022-05-08T11:19:07.000Z

Nozomi Networks Discovers Unpatched DNS Bug in Popular C Standard Library Putting IoT at Risk
https://www.nozominetworks.com/blog/nozomi-networks-discovers-unpatched-dns-bug-in-popular-c-standard-library-putting-iot-at-risk/

Asyn · 2022-05-08T14:03:00.000Z

Asyn post:4065:

India Orders VPN Companies to Collect and Hand Over User Data
https://www.cnet.com/news/privacy/india-orders-vpn-companies-to-collect-and-hand-over-user-data/

VPN Providers Threaten to Quit India Over New Data Law
https://www.wired.com/story/india-vpn-data-law/

Asyn · 2022-05-09T07:39:11.000Z

Operation CuckooBees: Cybereason Uncovers Massive Chinese Intellectual Property Theft Operation
https://www.cybereason.com/blog/operation-cuckoobees-cybereason-uncovers-massive-chinese-intellectual-property-theft-operation

Asyn · 2022-05-09T12:36:13.000Z

TLStorm 2 – NanoSSL TLS library misuse leads to vulnerabilities in common switches
https://www.armis.com/blog/tlstorm-2-nanossl-tls-library-misuse-leads-to-vulnerabilities-in-common-switches/

Asyn · 2022-05-10T07:20:54.000Z

How your location is being tracked — and what to do about it
https://blog.avast.com/en/secure-browser/how-your-location-is-being-tracked-and-what-to-do-about-it

Asyn · 2022-05-10T12:55:11.000Z

Raspberry Robin gets the worm early
https://redcanary.com/blog/raspberry-robin/

Asyn · 2022-05-11T07:34:17.000Z

Which phishing scams are trending in 2022?
https://blog.avast.com/trending-phishing-scams-2022

Announcements