Good morning folks! I had a great time leading a Threat Hunting Workshop at my alma mater, RIT, and meeting some awesome customers, but in my travels I gathered some updates on the threat & vuln side of things that we all should be aware of. And before we get started, I meant to spell “Weak” that way – so let’s get started!:
Continue readingTag: Cyber (Page 4 of 6)
Good morning folks! I had a great time in Boston this week hanging out with a cool partner, but in my travels I gathered some updates on the threat side of things that we all should be aware of:
Score one for the good guys!
Cisco Talos and Avast teamed up with Dutch authorities to take down the Babuk Torilla ransomware strain’s key folks, and they have also worked together to provide a decryptor for potential victims.
Continue readingGood day folks! I’m prepping for my holiday shutdown here at Cisco, but before I do, I have a threat update including some interesting developments on vulnerability hoarding that would make the Grinch cringe. But first:
Continue readingGood morning folks! I have some updates on the threat side of things that we all should be aware of:
In our first update, Russian SVR-backed pests known as APT29, CozyBear, NOBELIUM or the MS name of “Midnight Blizzard” are following the lead of North Korean adversaries. They’re exploiting a really bad JetBrains TeamCity vuln (CVE-2023-42793/9.8 CVSS) to manipulate source code, sign certs, and push updates. TeamCity is a CI/CD tool that helps run DevOps, sort of like Travis CI, Jenkins, CircleCI, and more. So it has the potential to be like SolarWinds issues a couple of years ago. Now appears they have patiently used it to get into more of the supply chain and gain as-of-yet dormant footholds. They are even using Dropbox to help mask their C2 – Yikes!
Continue readingGood morning folks! I have a lot of updates on the threat side of things, some talk of elections & AI, and more that we all should be aware of:
Cisco’s Talos just released an awesome 2023 Year In Review that helps break down the trends and strains that kept them up late at night changed the threat landscape. Of note?
Continue reading