Raiders of the Lost ARP

Amateur Security Archaeologists, trying not to break things.

Tag: Cyber (Page 4 of 6)

AI Generated image of a weakling adventurer struggling to climb a small wall due to his lack of preparation.
Looks like our hero needs to hit the weight room!

What’s causing Mike’s Indigestion now? Infrastructure Weak! (19 Jan 2024)

January 18, 2024 /

Good morning folks! I had a great time leading a Threat Hunting Workshop at my alma mater, RIT, and meeting some awesome customers, but in my travels I gathered some updates on the threat & vuln side of things that we all should be aware of. And before we get started, I meant to spell “Weak” that way – so let’s get started!:

Continue reading
AI-generated impage of a little fighter getting the better of a tyrant. These pesky little guys just keep on refusing to quit!
These pesky little guys just keep on refusing to quit!

What’s causing Mike’s Indigestion now? Happy New Fear! (12 Jan 2024)

January 11, 2024 /

Good morning folks! I had a great time in Boston this week hanging out with a cool partner, but in my travels I gathered some updates on the threat side of things that we all should be aware of:

Score one for the good guys!

Cisco Talos and Avast teamed up with Dutch authorities to take down the Babuk Torilla ransomware strain’s key folks, and they have also worked together to provide a decryptor for potential victims.

Continue reading
Mid-Journey AI generated image of Santa Claus hacking by the Christmas Tree.
No Cookies for me? I'll just hook your browser and get my own.

What’s causing Mike’s Indigestion now? I’ll be Pwn for the Christmas! (22 Dec 2023)

December 22, 2023 /

Good day folks! I’m prepping for my holiday shutdown here at Cisco, but before I do, I have a threat update including some interesting developments on vulnerability hoarding that would make the Grinch cringe. But first:

Continue reading
AI generated image of a adventurer who is very upset at having to trudge through a blizzard in Russia.
Probably a bad idea to make the auditor file reports from the DC cold aisle...

What’s causing Mike’s Indigestion now? Cozy Bear Blizzards! (15 Dec 2023)

December 14, 2023 /

Good morning folks! I have some updates on the threat side of things that we all should be aware of:

In our first update, Russian SVR-backed pests known as APT29, CozyBear, NOBELIUM or the MS name of “Midnight Blizzard” are following the lead of North Korean adversaries. They’re exploiting a really bad JetBrains TeamCity vuln (CVE-2023-42793/9.8 CVSS) to manipulate source code, sign certs, and push updates. TeamCity is a CI/CD tool that helps run DevOps, sort of like Travis CI, Jenkins, CircleCI, and more. So it has the potential to be like SolarWinds issues a couple of years ago. Now appears they have patiently used it to get into more of the supply chain and gain as-of-yet dormant footholds. They are even using Dropbox to help mask their C2 – Yikes!

Continue reading
AI-generated image of an adventurer trying to complete an election ballet while a terminator robot stands by.
Shouldn't you be watching Sarah Conner fill out HER ballot?

What’s causing Mike’s Indigestion now? AI & Elections! (8 Dec 2023)

December 8, 2023 /

Good morning folks! I have a lot of updates on the threat side of things, some talk of elections & AI, and more that we all should be aware of:

Cisco’s Talos just released an awesome 2023 Year In Review that helps break down the trends and strains that kept them up late at night changed the threat landscape. Of note?

Continue reading
« Older posts Newer posts »

© 2025 Raiders of the Lost ARP

Theme by Anders NorenUp ↑

Verified by MonsterInsights