Sean Kalinich
Attackers using Google’s Golang to Take a Bite Out of Apple
Two new variants of Cobalt Strike written in Google’s Golang have popped up on the wild internet. According to SentinelOne, this new flavor is set up to target macOS systems. They have also noted that this new beacon (called Geacon) has been popping up on malware review sites like VirusTotal in the past few months. The new detections could be part of red-teaming exercises, but the increase seems to indicate that real-world malicious activity is also part of the surge in detections.
Cloud Management Systems for Three Industrial Cellular Providers Put OT Environments at Risk
Cybersecurity firm OTORIO has announced several new vulnerabilities in cloud management platforms at Black Hat Asia 2023. The Israeli company named three industrial cellular providers with a total of eleven vulnerabilities which could allow for complete compromise of operational technology devices. These three providers represent a very large number of OT and IIoT (Industrial Internet of Things) devices, making them a serious concern.
Jedi Survivor – The Quick, Dirty, and Limited Spoilers Review
Game reviews are always fun things to do. I mean, it is playing a game and then writing about anything you found while playing it (sounds like fun). The challenge comes from being objective in your writing vs. subjective. Something that I might personally dislike in a game might be the thing that makes a game fun for someone else. It is with that in mind that we bring you our first game review in years. We will be breaking the game down into a couple of areas, objective and subjective findings. So, let’s kick this off with the fun part, the subjective part.
Discord Discloses Breach from 3rd Party Support Account
The popular socialization platform, Discord, is alerting users to a data breach that occurred due to the compromise of a support agent account. The breach appears to be limited in scope to the ticket queue that the third-party agent was responsible for. The ticket queue contained email addresses, attachments and all messages that might have been exchanged during ticket resolution with this agent.
UK’s CMA Adds Salt to the Wound After Blocking Microsoft Activision Blizzard Deal
The UK’s CMA (Competition and Markets Authority) has added new restrictions on Microsoft and Activision Blizzard after already issuing a formal anti-trust warning over the deal back in January. Now the regulator has added additional orders that prevent either party from “acquiring an interest” in each other without written permission from the CMA.
Because Sharing is Caring Why Shouldn’t Leaked Ransomware Code Not Get Reused?
After a leak of Babuk ransomware source code in late 2021, researchers have identified 9 separate new strains that are intended to target VMware ESXi. The new variants first started showing up in the second half of 2022. As with ransomware as a service, having leaked source code allows less sophisticated attack groups to utilize the work of others to their advantage. In this case, the target is the Linux-based ESXi. ESXi is a great target as it allows for the encryption of infrastructure and prevents the rapid restoration of systems, since the infrastructure those servers run on is what has been affected.
Microsoft Gaming’s Fall is all About Ignoring Game Quality Than Anything
After Phil Spencer’s recent comments on why Microsoft can’t beat Sony or Nintendo via “normal methods” we started to wonder why he would make this kind of statement. So, with our usual OCD we dove into some of the things that are happening at both Microsoft and Microsoft Gaming. Microsoft has been in an interesting spot and not for the first time. They seem to get into this spot where they are in between strategic and tactical projects. In this “down” time we tend to see them look to shore up documentation, investigate acquisitions to expand their reach, and start to plan for their next conquest.
When Patching is Not Enough: How Attackers are Looking at Patches to Find the Next Flaw
Microsoft’s Patch Tuesday for May included a fix for a flaw that was created by another patch back in March 2023. The March patch was meant to fix vulnerability CVE-2023-23397, which was a known exploited critical vulnerability in Microsoft Outlook’s MapUrlToZone security measure. It was allegedly abused by Russian-based threat actors since April 2022. The new flaw is a bypass for the fix put in place in March.
The Greatness Phishing as a Service Platform Intended to Make Targeting MS365 Easier
There is an old saying that says, when you can no longer do, you teach. This might be a relatively true axiom in the regular world, but in the world of cybercrime it is certainly not what you find happening. Instead, we tend to see that when organized groups no longer want the headache and hassle of doing the heavy lifting for attacks, they just build a platform to sell their tools to others. We have seen ransomware as a service, malware as a service, malvertising as a service, and even phishing as a service.
Meta is Dabbling in AI Too with ImageBind Hoping to Mimic Human Perception
If I were to build a list of companies that I would not want to build an AI project, Meta, the parent company of Facebook, is probably sitting at the top of the list. Yet here we are with a company known for manipulating users, user data and a proven habit of abusing the information it has. Meta is building an AI tool they are calling ImageBind that looks to expand on how AI currently understands an environment. Most current AI image generators are (in very simple terms) text-to-image generators. They take input in the form of words and create an image from learned input (again in very simple terms).