
Content provided by Paul Torgersen. All podcast content, including episodes, graphics, and podcast descriptions, is uploaded and provided directly by Paul Torgersen or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here: https://hi.player.fm/legal

Ransomware Decoy, Quantum .LNK Builder, Mitel VoIP Zero-Day, and more.

2:57

Archived series ("Inactive feed" status)

When? This feed was archived on May 25, 2023 16:09 (10M ago). Last successful fetch was on July 29, 2022 18:35 (1+ y ago)

Why? Inactive feed status. Our servers were unable to retrieve a valid digital audio file feed for a sustained period.

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

A daily look at the relevant information security news from overnight - 24 June, 2022
Episode 252 - 24 June 2022
Ransomware Decoy - https://www.theregister.com/2022/06/24/ransomware_as_espionage_distraction/
Quantum .LNK Builder - https://www.bleepingcomputer.com/news/security/malicious-windows-lnk-attacks-made-easy-with-new-quantum-builder/
Python Backdoor - https://thehackernews.com/2022/06/multiple-backdoored-python-libraries.html
Hermit Spies Android and iOS - https://www.securityweek.com/sma-technologies-patches-critical-security-issue-workload-automation-solution
Mitel VoIP Zero-Day - https://thehackernews.com/2022/06/hackers-exploit-mitel-voip-zero-day-bug.html
Hi, I’m Paul Torgersen. It’s Friday June 24th, 2022, and this is a look at the information security news from overnight.
From TheRegister.com:
A state-sponsored Chinese threat group that Secureworks has named Bronze Starlight has a ransomware campaign that is targeting pharmaceutical companies, electronic component designers and manufacturers, US law firms, and aerospace and defense companies. The thing is, the ransomware is just a decoy. Researchers believe the true aim is cyber espionage, which explains why these specific types of companies are being targeted. Link to that research in the article.
From BleepingComputer.com:
Researchers have noticed a new tool they call Quantum that helps cybercriminals build malicious .LNK files to deliver payloads. These are especially popular in phishing campaigns, currently being used by Emotet, Bumblebee, Qbot, and IcedID. Quantum features a graphical interface and hundreds of icon and extension spoofing options, and you can rent it starting at less than 200 Euros a month. A link to the Cyble research in the article.
From TheHackerNews.com:
Researchers have discovered a number of malicious Python packages in the official third-party software repository that are engineered to exfiltrate AWS credentials and environment variables to a publicly exposed endpoint. What’s not for certain is if this is the result of an attack, or some sort of pen-test situation. This would be at least the third such example of a pen tester making a point in the last month or so.
From ThreatPost.com:
Google is warning that the Hermit spyware by RCS Labs out of Italy is being deployed against Android and iOS users. The campaign is targeting victims in Kazakhstan and Italy. Last week it was learned that the Kazakh government was using this same spyware against its own citizens. Google says the fake apps containing the spyware are not in the Google Play or Apple stores and are only downloaded from third-party websites.
And last today, from TheHackerNews.com:
A suspected ransomware intrusion against an unnamed target is leveraging a Linux-based Mitel VoIP appliance as an entry point. CrowdStrike says the threat actor is exploiting a 9.8 severity bug that Mitel had patched back in April and is utilizing a couple of anti-forensic measures to erase traces of their actions. Details and links in the article.
That’s all for me today. Have a great weekend. Like and subscribe, and until next week, be safe out there.