The #APT known as #Kimsuky strikes again, this time targeting think tanks, academia, and media organizations with social engineering. The goal? Stealing Google and subscription credentials of a news and analysis service that focuses on North Korea. Enjoy and Happy Hunting!
Link in the comments!
This one is a little different. In this article, SentinelLabs mentioned ReconShark being used. Can you provide me with any TTPs that are associated with that #malware?
Love it when the big boss has a massive problem with how we're storing something because it's a security risk and probably puts us in dodgy territory contractually. And I get the opportunity to say "I said we shouldn't, and I've been saying that for months at every opportunity". #ITSecurity #Smug
Happy Tuesday everyone! #APT37 is the topic of today's #readoftheday, specifically ThreatMon takes a deep-dive into the #RokRat malware, which is a remote access trojan (RAT). Enjoy and Happy Hunting!
Link to article in the comments!
As usual I am going to leave one of the MITRE ATT&CK TTPs blank. I would like to see if any of you that see this can help FILL in that blank! If so, leave your thoughts in the comments OR send me a DM!
Notable MITRE ATT&CK TTPs:
TA0007 - Discovery
T1087 - Account Discovery
T1083 - File and Directory Discovery
T1018 - Remote System Discovery
T1082 - System Information Discovery
TA0009 - Collection
T[What technique covers the threat actor capturing information under the TEMP folder?] - Good luck!
TA0011 - Command And Control
T1071.001 - Application Layer Protocol: Web Protocols
TA0002 - Execution
T1059.003 - Command and Scripting Interpreter: Windows Command Shell
The best way to solve most problems in security and privacy is not always a conventional method, yet people only seek/adopt/purchase things they are already familiar with, which are likely to fail them due to innovation on the part of those seeking to exploit us. Those of us who seek to make a larger impact must find ways of downplaying our innovative solutions and packaging them up as advancements of the old ways, even when untrue. #InfoSec #SadButTrue
@chetwisniewski Too many IT departments, big and small, can't do the basics. Not that they don't want to, they can't. No inventory tools, no patching tools outside of WSUS etc. They are sitting ducks to one simple thing going wrong.
It is like eating badly: you will get away with it for a while, but in the end it will not have a happy ending.
On the Internet we often have to remind ourselves that not everything we see is real. We are easily deceived, especially by so-called deepfakes. In our post we introduce a method called face swapping.
[EN] We have our @rosenpass strategy meeting this weekend and I don’t have much to contribute to the current topic, so I found something else to do! 😁
[DE] This weekend is the #Rosenpass strategy meeting and I don't have much to contribute to the current topic, so I found myself something else to do! 😁