| 1 |
Access Now |
Hacking Meduza: Pegasus spyware used to target Putin’s critic |
| 2 |
amatas |
Cyber Threat Report: August 2023 |
| 3 |
Andreas Sfakianakis |
When Cyber Meets Physical |
| 4 |
Apple |
About Apple threat notifications and protecting against state-sponsored attacks |
| 5 |
Avanan |
ZeroFont Phishing: Manipulating Font Size to Get Past Office 365 SecurityZeroFont Phishing: Manipulating Font Size to Get Past Office 365 Security |
| 6 |
BlackBerry |
Silent Skimmer: Online Payment Scraping Campaign Shifts Targets From APAC to NALA |
| 7 |
Blockchain Threat Intelligence |
BlockThreat - Week 34, 2023 |
| 8 |
BreachLock |
2023 BreachLock Penetration Testing Intelligence Report |
| 9 |
Check Point |
Check Point Research exposes new versions of the BBTok banking malware, which targets clients of over 40 Mexican and Brazilian banks |
| 10 |
Checkmarx |
Attacker Unleashes Stealthy Crypto Mining via Malicious Python Package |
| 11 |
Checkmarx |
August 2023 - Supply Chain Monthly Report |
| 12 |
Checkmarx |
Surprise: When Dependabot Contributes Malicious Code |
| 13 |
Checkmarx |
Threat Actor continues to Plague the Open-Source Ecosystem with Sophisticated Info-Stealing Malware |
| 14 |
CISA (Cybersecurity & Infrastructure Security Agency, the United States of America), FBI (Federal Bureau of Investigation, the United States of America), NSA (National Security Agency, the United States of America), NPA (National Police Agency, Japan), NISC (National Center of Incident Readiness and Strategy for Cybersecurity, Japan) |
People’s Republic of China-Linked Cyber Actors Hide in Router Firmware |
| 15 |
CISA (Cybersecurity & Infrastructure Security Agency, the United States of America), FBI (Federal Bureau of Investigation, the United States of America), NSA (National Security Agency, the United States of America) |
Contextualizing Deepfake Threats to Organizations |
| 16 |
CISA (Cybersecurity & Infrastructure Security Agency, the United States of America), FBI (Federal Bureau of Investigation, the United States of America) |
#StopRansomware: Snatch Ransomware |
| 17 |
Cisco |
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access VPN Unauthorized Access Vulnerability |
| 18 |
Cisco |
Cisco Event Response: September 2023 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication |
| 19 |
Cofense |
Luxury Hotels Remain Major Target of Ongoing Social Engineering Attack |
| 20 |
CyberArk |
The MGM Resorts Attack: Initial Analysis |
| 21 |
Cyfirma |
RedLine Stealer: A new variant surfaces, Deploying using Batch Script |
| 22 |
Darktrace |
Akira Ransomware: How Darktrace Foiled Another Novel Ransomware Attack |
| 23 |
Devo |
Devo Cybersecurity Burnout Survey: Quick Read Report |
| 24 |
DHS (Department of Homeland Security, the United States of America) |
Homeland Threat Assessment 2024 |
| 25 |
DotT (U.S. Department of the Treasury) |
United States and United Kingdom Sanction Additional Members of the Russia-Based Trickbot Cybercrime Gang |
| 26 |
EclecticIQ |
Decrypting Key Group Ransomware: Emerging Financially Motivated Cyber Crime Gang |
| 27 |
eSentire |
Russia-Linked LockBit Gang Attacks an MSP and Two Manufacturers Using the Targets’ RMM Tools to Infect Downstream Customers and Employees with Ransomware |
| 28 |
ESET |
BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps |
| 29 |
ESET |
Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace company |
| 30 |
ESET |
UAE-linked Stealth Falcon spies with sophisticated new backdoor on its neighbors, ESET Research discovers |
| 31 |
Europol |
Cyber-attacks: the apex of crime-as-a-service (IOCTA 2023) |
| 32 |
Florian Roth |
Emerging Cybersecurity Threats: What to Watch Out For in Q4 2023 |
| 33 |
GitLab |
GitLab Critical Security Release: 16.3.4 and 16.2.7 |
| 34 |
Google (Google Threat Analysis Group (GTAG)) |
Active North Korean campaign targeting security researchers |
| 35 |
Google |
Stable Channel Update for Desktop |
| 36 |
Group-IB |
Dusting for fingerprints: ShadowSyndicate, a new RaaS player? |
| 37 |
Group-IB |
Hunting Rituals #2:Threat hunting for abuse of Windows Services |
| 38 |
Group-IB |
W3LL done: uncovering hidden phishing ecosystem driving BEC attacks |
| 39 |
Group-IB |
W3LL oiled machine: Group-IB uncovers covert BEC phishing empire targeting Microsoft 365 – report |
| 40 |
IANS Research |
2023 Security Budget Benchmark Summary Report |
| 41 |
IBM (IBM X-Force) |
X-Force Cloud Threat Landscape Report 2023 |
| 42 |
Intel Optics |
CAPABILITY MATURITY FOR CYBER THREAT INTELLIGENCE (CM-CTI) MODEL |
| 43 |
Intrinsec Security |
Ongoing threats targeting the energy industry |
| 44 |
Kaspersky |
Cuba ransomware gang deploys new malware |
| 45 |
Logpoint |
Emerging Threat: Akira, Not a CyberPunk Movie – A Very Real Ransomware Threat |
| 46 |
Mandiant |
Analysis of Time-to-Exploit Trends: 2021-2022 |
| 47 |
Mandiant |
Backchannel Diplomacy: APT29’s Rapidly Evolving Diplomatic Phishing Operations |
| 48 |
Mandiant |
Why Are You Texting Me? UNC3944 Leverages SMS Phishing Campaigns for SIM Swapping, Ransomware, Extortion, and Notoriety |
| 49 |
Microsoft (Microsoft Security Response Center) |
Results of Major Technical Investigations for Storm-0558 Key Acquisition |
| 50 |
Microsoft (Microsoft Threat Analysis Center) |
China, North Korea pursue new targets while honing cyber capabilities |
| 51 |
Microsoft (Microsoft Threat Analysis Center) |
Russia’s influence networks in Sahel activated after coups |
| 52 |
Microsoft (Microsoft Threat Intelligence) |
Flax Typhoon using legitimate software to quietly access Taiwanese organizations |
| 53 |
Microsoft (Microsoft Threat Intelligence) |
Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets |
| 54 |
Morphisec |
Chae$ 4: New Chaes Malware Variant Targeting Financial and Logistics Customers |
| 55 |
NCSC-UK (National Cyber Security Centre, United Kingdom), NCA-UK (National Crime Agency, United Kingdom) |
Ransomware, extortion and the cyber crime ecosystem |
| 56 |
Netacea |
Death By a Billion Bots |
| 57 |
NETSCOUT |
DDoS Threat Intelligence Report: Issue 11 |
| 58 |
NIST (National Institute of Standards and Technology, United States of America) |
CVE-2023-2453 Detail |
| 59 |
NIST (National Institute of Standards and Technology, United States of America) |
CVE-2023-28432 Detail |
| 60 |
NIST (National Institute of Standards and Technology, United States of America) |
CVE-2023-28434 Detail |
| 61 |
okta |
Cross-Tenant Impersonation: Prevention and Detection |
| 62 |
OPSWAT, SANS |
SANS ICS/OT Cybersecurity Survey: 2023’s Challenges and Tomorrow’s Defenses |
| 63 |
PHROZEN |
Malware Gallery (Beta) |
| 64 |
Project Honey Pot |
Directory of Malicious IPs |
| 65 |
Proofpoint |
ZenRAT: Malware Brings More Chaos Than Calm |
| 66 |
PWC |
Why does strategic threat intelligence matter? |
| 67 |
QuoIntelligence |
Weekly Intelligence Snapshot – Week 35, 2023 |
| 68 |
Rapid7 |
Fake Update Utilizes New IDAT Loader To Execute StealC and Lumma Infostealers |
| 69 |
ReasonLabs |
Consumer Cybersecurity Trends Report: Summer 2023 |
| 70 |
Red Canary |
Intelligence Insights: September 2023 |
| 71 |
Red Canary |
Remote control: Detecting RMM software and other remote admin tools |
| 72 |
ReversingLabs |
Fake Roblox packages target npm with Luna Grabber info-stealing malware |
| 73 |
Secureworks |
SMOKE LOADER DROPS WHIFFY RECON WI-FI SCANNING AND GEOLOCATION MALWARE |
| 74 |
Security Joes |
New Attack Vector In The Cloud: Attackers caught exploiting Object Storage Services |
| 75 |
Securonix |
Securonix Threat Labs Security Advisory: Threat Actors Target MSSQL Servers in DB#JAMMER to Deliver FreeWorld Ransomware |
| 76 |
Sekoia.io |
The Transportation sector cyber threat overview |
| 77 |
Sekoia.io |
My Tea’s not cold. An overview of China’s cyber threat |
| 78 |
Sekoia.io |
Sekoia.io mid-2023 Ransomware Threat Landscape |
| 79 |
SentinelOne, SentinelLabs |
CapraTube: Transparent Tribe’s CapraRAT Mimics YouTube to Hijack Android Phones |
| 80 |
SentinelOne, SentinelLabs |
Cyber Soft Power: China’s Continental Takeover |
| 81 |
SentinelOne, SentinelLabs |
Sandman APT: A Mystery Group Targeting Telcos with a LuaJIT Toolkit |
| 82 |
SOCRadar |
Telegram Hit by a DDoS Attack: What Is the Cause Behind It? |
| 83 |
Splunk |
Sharing is Not Caring: Hunting for Network Share Discovery |
| 84 |
STAR Labs SG |
P2O Vancouver 2023: SharePoint Pre-Auth RCE chain (CVE-2023–29357 & CVE-2023–24955) |
| 85 |
State Service of Special Communications and Information Protection of Ukraine |
How russian government-controlled hacking groups shift their tactics, objectives and capacities — report |
| 86 |
State Service of Special Communications and Information Protection of Ukraine |
The АРТ28 hacking group associated with russian special services attempts an attack on critical power infrastructure facility of Ukraine |
| 87 |
Strike Source |
The Evolution of Command-and-Control Servers |
| 88 |
Symantec |
3AM: New Ransomware Family Used As Fallback in Failed LockBit Attack |
| 89 |
Synopsys |
CyRC Vulnerability Advisory: CVE-2023-2453 Local File Inclusion in Forum Infusion and CVE-2023-4480 Arbitrary File Read in Fusion File Manager |
| 90 |
Talos, Cisco |
SapphireStealer: Open-source information stealer enables credential and data theft |
| 91 |
The Citizen Lab |
BLASTPASS: NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild |
| 92 |
The Citizen Lab |
Pegasus Infection of Galina Timchenko, exiled Russian Journalist and Publisher |
| 93 |
The Citizen Lab |
Predator in the Wires |
| 94 |
The DFIR Report |
From ScreenConnect to Hive Ransomware in 61 hours |
| 95 |
ThreatFabric |
Xenomorph Malware Strikes Again: Over 30+ US Banks Now Targeted |
| 96 |
Trellix |
QakBot’s Endgame: The Final Move Before the Takedown |
| 97 |
Trend Micro |
Earth Estries Targets Government, Tech for Cyberespionage |
| 98 |
Trend Micro |
Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement |
| 99 |
Trend Micro |
RedLine/Vidar Abuses EV Certificates, Shifts to Ransomware |
| 100 |
Trend Micro |
Stealthy Android Malware MMRat Carries Out Bank Fraud Via Fake App Stores |
| 101 |
Unit42 |
Fake CVE-2023-40477 Proof of Concept Leads to VenomRAT |
| 102 |
Unit42 |
Threat Group Assessment: Turla (aka Pensive Ursa) |
| 103 |
Wipro |
State of Cybersecurity Report 2023 #SOCR |
| 104 |
Wiz Research |
38TB of data accidentally exposed by Microsoft AI researchers |