DecryptedTech Feed (3875)

On Wednesday Microsoft’s threat group unveiled information about a new Russian Threat Group with ties to the GRU. As part of the announcement, they also noted that the group has a low success rate and poor operational security. The group,…
If there is one thing you can say about modern threat groups, it is that they are clever. The new tactics and techniques they identify and implement are impressive. A recent technique identified is the use of abandoned S3 buckets.…
The last couple of months have been rather busy with the identification of critical vulnerabilities. Multiple Zero-Days were found in different pieces of software including Remote Code Execution, data modification and theft, and complete compromise of other devices that require…
MOVEit has been in the news quite a bit lately. First it was the disclosure of a Zero-Day that was actively being exploited since October 2022. Next up was the fact that the group exploiting the flaw was probably tinkering…
Although Banking, Mortgage, and other financial institutions are always under attack, it is never a good thing to see a coordinated campaign targeting them. Microsoft has disclosed one such campaign using Attacker (Adversary, Man)-in-the-Middle tactics for phishing and BEC…
In today’s episode of why we need to change how we do things, it has come to light that the critical MOVEit zero-day that allowed complete control over targeted file transfer platforms may have been identified by the Cl0p ransomware…
One thing that has always bothered me is the concept that censoring or hiding certain types of speech, thought, information etc., is somehow going to change minds and make society better. Simply put, this approach is myopic and bankrupt in…
The fine folks at the Royal ransomware group have begun testing a new flavor of encryptor that is being called BlackSuit (The hat was already taken). First identified in January of this year (2023), Royal is believed to be Conti…
Google has pushed out a new patch for Chrome to deal with a zero-day vulnerability tracked as CVE-2023-3079. In the patch release Google is clear that this vulnerability is actively being exploited in the wild and that users of both…
After the disclosure of a serious Zero-Day that allowed an unauthenticated user to basically own the device, Barracuda is now saying that remediation action for any device that was compromised is a full replacement regardless of the firmware version. It…
As we hear more about Supply Chain attacks and the need for Software Bill of Materials, we are now hearing of an attack on the popular game, Minecraft. It seems that attackers are leveraging popular Modding platforms to push out…
As if the internet needed something else bad floating around, it seems that groups that engage in extortion schemes involving the threat of releasing images of a sexual nature are now getting help from AI image creation tools. Sextortion emails…
It is Wednesday, so it is about time to talk about a new strain of malware. In this case, one that leverages Microsoft’s PowerShell to do its dirty work. Primarily a post-exploitation tool, PowerDrop is leveraged after access is obtained…
Anyone that does not think that cybercrime is now a big business has been living under a rock. The news related to different cybercrime-as-a-service groups, especially ransomware, has never been more frequent. We have seen groups offer larger profit sharing,…
Since Executive Order 14028 came out on May 12th from the Biden Administration there has been a lot of talk about what it means and what are the legal and regulatory ramifications of this order. While the larger conversation is…
So, there you are, you have found the one thing in all the internet that will make your object-driven life complete. You put the fabulous object into your cart, giddily fumble out your credit card and enter those embossed…