DecryptedTech Feed (3878)
Friday, 16 June 2023 13:15
DNS over HTTPS Tunneling Found in New Linux Backdoor from ChamelGang
Written by Sean Kalinich
There is a new threat in town from the ChamelGang. This new threat is a Linux backdoor that has just been identified and shows that the threat group is expanding their capabilities. Identified by Stairwell and dubbed ChamelDoH (for DNS over…
Read 815 times
Published in
News
Friday, 16 June 2023 10:41
Russian National Magomedovich Astamirov Arrested in Arizona Suspected of being a LockBit Affiliate
Written by Sean Kalinich
A 20-year-old Russian National Magomedovich Astamirov was arrested in Arizona and had his initial appearance in court yesterday. The arrest and charges come after a lengthy investigation into the Ransomware as a Service Group, LockBit. This is the second arrest…
Read 1011 times
Published in
News
Friday, 16 June 2023 09:46
The MOVEit Saga continues, More Flaws found and Cl0p Begins to Extort Victims
Written by Sean Kalinich
Here we are with another story about MOVEit and just how bad things have gotten for the Managed File Transfer application and their parent company Progress Software. The group behind the attack, Cl0p ransomware gang, has started to extort the…
Read 712 times
Published in
News
Thursday, 15 June 2023 12:59
Microsoft Reveals new GRU Related Threat Group with Low Success Rate
Written by Sean Kalinich
On Wednesday Microsoft’s threat group unveiled information about a new Russian Threat Group with ties to the GRU. As part of the announcement, they also noted that the group has a low success rate and poor operational security. The group,…
Read 518 times
Published in
News
Thursday, 15 June 2023 11:38
Hygiene Matters as Abandoned S3 Buckets Used in New Supply Chain Attack
Written by Sean Kalinich
If there is one thing you can say about modern threat groups, it is that they are clever. The new tactics and techniques they identify and implement are impressive. A recent technique identified is the use of abandoned S3 buckets.…
Read 838 times
Published in
News
Monday, 12 June 2023 13:53
Fortinet Pre-Authentication RCE flaw Found in SSL VPN Function
Written by Sean Kalinich
The last couple of months have been rather busy with the identification of critical vulnerabilities. Multiple Zero-Days were found in different pieces of software including Remote Code Execution, data modification and theft, and complete compromise of other devices that require…
Read 871 times
Published in
News
Monday, 12 June 2023 12:34
MOVEit is having a Very Bad Week as more Flaws Found after Security Audit
Written by Sean Kalinich
MOVEit has been in the news quite a bit lately. First it was the disclosure of a Zero-Day that was actively being exploited since October 2022. Next up was the fact that the group exploiting the flaw was probably tinkering…
Read 770 times
Published in
News
Friday, 09 June 2023 14:59
Just When you Thought it was Safe to go Back to the Bank, Microsoft Finds Banking Attacks Targeting Financial Institutions
Written by Sean Kalinich
Although Banking, Mortgage, and other financial institutions are always under attack, it is never a good thing to see a coordinated campaign targeting them. Microsoft has disclosed one such campaign using Attacker (Adversary, Man)-in-the-Middle tactics for phishing and BEC…
Read 625 times
Published in
News
Friday, 09 June 2023 11:18
MOVEit Zero-Day May Have Been Known by Threat Groups Since 2021
Written by Sean Kalinich
In today’s episode of why we need to change how we do things, it has come to light that the critical MOVEit zero-day that allowed complete control over targeted file transfer platforms may have been identified by the Cl0p ransomware…
Read 1012 times
Published in
News
Friday, 09 June 2023 10:23
In a Marketplace of Ideas, Censorship is Always Bad Even if Done for the Right Reasons.
Written by Sean Kalinich
One thing that has always bothered me is the concept that censoring or hiding certain types of speech, thought, information etc., is somehow going to change minds and make society better. Simply put, this approach is myopic and bankrupt in…
Read 628 times
Published in
Editorials
Thursday, 08 June 2023 16:03
Bring on the Ransomware Beta Test as Royal Begins Seems to be testing a New Encryptor called BlackSuit
Written by Sean Kalinich
The fine folks at the Royal ransomware group have begun testing a new flavor of encryptor that is being called BlackSuit (The hat was already taken). First identified in January of this year (2023), Royal is believed to be Conti…
Read 1302 times
Published in
News
Thursday, 08 June 2023 15:12
Google and Microsoft Share a Zero Day as both Chrome and Edge get Patch Now Guidance.
Written by Sean Kalinich
Google has pushed out a new patch for Chrome to deal with a zero-day vulnerability tracked as CVE-2023-3079. In the patch release Google is clear that this vulnerability is actively being exploited in the wild and that users of both…
Read 1506 times
Published in
News
Thursday, 08 June 2023 12:33
Barracuda Email Security Gateway Appliances that were Exploited due to Zero-Day Must Be Replaced, not Patched
Written by Sean Kalinich
After the disclosure of a serious Zero-Day that allowed an unauthenticated user to basically own the device, Barracuda is now saying that remediation action for any device that was compromised is a full replacement regardless of the firmware version. It…
Read 713 times
Published in
News
Wednesday, 07 June 2023 15:24
Minecraft Mods stuffed with Malware Used to Target Windows and Linux
Written by Sean Kalinich
As we hear more about Supply Chain attacks and the need for Software Bill of Materials, we are now hearing of an attack on the popular game, Minecraft. It seems that attackers are leveraging popular Modding platforms to push out…
Read 1367 times
Published in
News
Wednesday, 07 June 2023 14:24
Sextortionists Get a Boost from AI and Publicly Available Images
Written by Sean Kalinich
As if the internet needed something else bad floating around, it seems that groups that engage in extortion schemes involving the threat of releasing images of a sexual nature are now getting help from AI image creation tools. Sextortion emails…
Read 613 times
Published in
News
Wednesday, 07 June 2023 13:31
New PowerShell Malware Dubbed PowerDrop used to Target US Aerospace Industry
Written by Sean Kalinich
It is Wednesday, so it is about time to talk about a new strain of malware. In this case one that leverages Microsoft’s PowerShell to do its dirty work. Primarily a post-exploitation tool, PowerDrop is leveraged after access is obtained…
Read 775 times
Published in
News