News

DNS over HTTPS Tunneling Found in New Linux Backdoor from ChamelGang

There is a new threat in town from ChamelGang. This new threat is a Linux backdoor that has just been identified, and it shows that the threat group is expanding its capabilities. Identified by Stairwell and dubbed ChamelDoH (for DNS over HTTPS), this new malware is written in C++, which is not all that unusual even if the method of communication is not completely normal. ChamelGang was first identified in 2021 and was associated with attacks on the energy, fuel, and aviation industries in multiple countries including the US, Russia, Nepal, Japan, Taiwan, and India.

By Sean Kalinich
Jun 16
  • Hacking
  • Security
  • Malware
  • Cybersecurity
  • doh
  • dns over https
  • chamelgang
  • chameldoh


Russian National Magomedovich Astamirov Arrested in Arizona Suspected of being a LockBit Affiliate

A 20-year-old Russian National Magomedovich Astamirov was arrested in Arizona and had his initial appearance in court yesterday. The arrest and charges come after a lengthy investigation into the Ransomware as a Service group, LockBit. This is the second arrest in six months related to the group’s activities, with a third warrant/indictment issued for another individual, Mikhail Pavlovich Matveev, who is still at large. According to the DOJ press release, Astamirov is suspected of conspiring with other LockBit members to attack multiple organizations in the US and around the globe. Astamirov is believed to have managed various IP and email addresses used for ransomware deployment and communication with the victims of attacks.

By Sean Kalinich
Jun 16
  • Hacking
  • Security
  • Malware
  • Cybersecurity
  • Ransomware
  • ransomware as a service
  • lockbit


The MOVEit Saga continues, More Flaws found and Cl0p Begins to Extort Victims

Here we are with another story about MOVEit and just how bad things have gotten for the Managed File Transfer application and its parent company, Progress Software. The group behind the attack, the Cl0p ransomware gang, has started to extort the companies that they stole data from. They have listed the names of companies on their data leak site, in the same manner they would for ransomware victims who fail to pay. We know that someone (Cl0p has taken credit) was able to finally exploit a zero-day in the software after about a year of tinkering with the flaw and months of access.

By Sean Kalinich
Jun 16
  • Hacking
  • Security
  • ZeroDay
  • Cybersecurity
  • SQL Injection
  • Data Theft
  • Ransomware
  • cl0p
  • progress software


Microsoft Reveals new GRU Related Threat Group with Low Success Rate

On Wednesday, Microsoft’s threat group unveiled information about a new Russian threat group with ties to the GRU. As part of the announcement, they also noted that the group has a low success rate and poor operational security. The group, which Microsoft is now tracking under the name Cadet Blizzard, seems to focus on service disruption, destructive campaigns, and information gathering. Microsoft noted that the group appears to be technically skilled but lacking in direction and sophistication.

By Sean Kalinich
Jun 15
  • Hacking
  • Security
  • Microsoft
  • Cyber Security
  • threat groups
  • gru
  • cadet blizzard


Hygiene Matters as Abandoned S3 Buckets Used in New Supply Chain Attack

If there is one thing you can say about modern threat groups, it is that they are clever. The new tactics and techniques they identify and implement are impressive. A recent technique identified is the use of abandoned S3 buckets. The attackers search for and locate S3 buckets that are no longer in use and claim them as their own. If the bucket happens to be part of an existing or previous deployment workflow, so much the better. Checkmarx recently identified a supply chain attack that involved this type of scenario. The attackers claimed an abandoned S3 bucket for an NPM package called bignum.

By Sean Kalinich
Jun 15
  • Hacking
  • Security
  • Malware
  • Cybersecurity
  • npm
  • bignum


More Articles …

  1. Fortinet Pre-Authentication RCE flaw Found in SSL VPN Function
  2. MOVEit is having a Very Bad Week as more Flaws Found after Security Audit
  3. Just When you Thought it was Safe to go Back to the Bank, Microsoft Finds Banking Attacks Targeting Financial Institutions
  4. MOVEit Zero-Day May Have Been Known by Threat Groups Since 2021