DecryptedTech Feed (3878)
Thursday, 05 May 2022 10:02
DLL Hijacking used Against Ransomware to Stop Encryption Process
Written by Sean Kalinich
The idea of DLL hijacking is a well-known one, and one that is used by attackers to compromise security tools and even sophisticated anti-malware solutions. DLLs (Dynamic Link Libraries) are not much more than static files that sit idle…
Read 1509 times
Published in
Security Talk
Wednesday, 04 May 2022 09:48
Chat Logs Expose Ransomware Groups Methods and Styles of Interactions with Victims
Written by Sean Kalinich
Ransomware is a huge shadow over many businesses and individuals’ heads. It has loomed as a significant threat since the first strains hit the internet inside malicious zip files masquerading as “Xerox” documents. Since that time ransomware and the groups…
Read 1603 times
Published in
Security Talk
Monday, 02 May 2022 12:15
Google Says they Will Fight Doxxing, With Some Conditions of Course
Written by Sean Kalinich
Google is an odd company. They have used the personal vs corporate data ownership line like a jump rope over the years. We have watched them for a long time and all we can say is that their track record…
Read 1489 times
Published in
Security Talk
Monday, 02 May 2022 08:39
Cloud Services Suffer the Same Issue as On Prem Services, they just Hide it Better
Written by Sean Kalinich
Cloud services are exceptionally popular as a cost-effective and simple method to maintain common operational needs. Everything from email to fully fledged infrastructures can be maintained in the “cloud”. All of these can be accomplished at lower overall…
Read 2006 times
Published in
Security Talk
Friday, 29 April 2022 08:36
Conti has a New Toy as Bumblebee Malware Replaces BazarLoader
Written by Sean Kalinich
April must be the month for new malware tools to be released, or at least announced, as we have already heard about new forms of attack/infection from the group behind Emotet and now we hear that Conti has replaced BazarLoader…
Read 1290 times
Published in
Security Talk
Wednesday, 27 April 2022 11:07
More Flaws Found in NPM Allowing Attackers to Attach Malicious Packages to Known Good Devs.
Written by Sean Kalinich
A new flaw has been identified in the Node.js package manager, NPM. The flaw is being described as a logical flaw, but in reading over the data it seems more like a permissions flaw. The good news is that as…
Read 1063 times
Published in
Security Talk
Wednesday, 27 April 2022 06:30
Yet Another New Attack Method Shows Up From the Group Behind Emotet
Written by Sean Kalinich
Yesterday we told you that the gang behind Emotet was looking to use Excel add-ins as a possible new technique to compromise systems as part of their spamming campaigns. The detected techniques were labeled as potentially being part of research…
Read 1183 times
Published in
Security Talk
Tuesday, 26 April 2022 09:31
The Group Behind Emotet is Looking to Get Around Microsoft’s VBA Changes
Written by Sean Kalinich
TA542, the wonderful people that brought you Emotet, appear to be in the middle of a development and testing cycle on new delivery methods. According to researchers at Proofpoint, the creators of the Emotet botnet are potentially looking to find…
Read 1219 times
Published in
Security Talk
Friday, 22 April 2022 10:13
Amazon’s Awkward Moment as Log4J Fix has an Escalation and Escape Bug
Written by Sean Kalinich
It seems that Amazon’s hotfix for Log4Shell in their AWS environment might have been a bit rushed. According to a review of the hotfix, there are a total of four CVEs specifically related to the hotfix and how it functions.…
Read 1209 times
Published in
Security Talk
Thursday, 21 April 2022 05:37
Okta now says Lapsus$ only had 25 Minutes of Fame with Two Clients
Written by Sean Kalinich
The breach of IDAM group Okta in January by the self-promoting group Lapsus$ amidst other high-profile breaches and data leaks this year was a significant concern. The concern rose because when the incident first happened, Okta passed it off as…
Read 1129 times
Published in
Security Talk
Friday, 15 April 2022 06:08
There is Good News and Bad news in the Atlassian Outage.
Written by Sean Kalinich
On April 6th, news of an outage at Atlassian that affected customers using Jira, Confluence and other products started to surface. The outage started the day before, on the 5th, and started rumors of everything from a ransomware attack to…
Read 1481 times
Published in
In Other News
Thursday, 14 April 2022 16:51
CISA warns that US ICS/SCADA Systems are being Targeted by Threat Groups
Written by Sean Kalinich
CISA has issued another warning that SCADA/ICS systems are being targeted for attack. This time they are in the sights of Nation-State groups and with customized tools. The tools are part of follow-on activities after the initial beachhead has been…
Read 1133 times
Published in
Security Talk
Wednesday, 13 April 2022 05:13
Law Enforcement Celebrates Another Hacker Forum Takedown as the Seizure of RaidForums is Announced.
Written by Sean Kalinich
2022 has been a busy year for the information security industry on both sides of the playing field. We have seen an increase in targeted attacks on businesses, a larger number of Zero-Day vulnerabilities disclosed that were being actively exploited…
Read 888 times
Published in
Security Talk
Tuesday, 12 April 2022 09:11
Open Source Takes Another Hit as 3rd Protestware Shows up in NPM Repository
Written by Sean Kalinich
The Open Source community has been one that many leverage to help build their applications. It has become a great place to find application packages that make building out a larger application or ecosystems less time consuming. We see…
Read 1137 times
Published in
Security Talk
Monday, 11 April 2022 09:26
Twitter Backtracks on Removing Embedded Tweets from 3rd Party Websites after Deletion for Now
Written by Sean Kalinich
Twitter is an interesting company. On the one hand they act like they are a bastion of free speech and have stood up for the anonymity of some of the users. They have, in the past, refused government interference in…
Read 1329 times
Published in
In Other News
Monday, 11 April 2022 07:45
Leaked Conti Ransomware used in Attacks on Russian Targets
Written by Sean Kalinich
Not that long ago, a Ukrainian security researcher published a vast number of internal chats from the Ransomware group Conti. On top of that treasure trove of information the same researcher also published the source code for the Conti Ransomware.…
Read 1330 times
Published in
Security Talk