You might be interested in …

Daily NCSC-FI news followup 2020-10-01

Russia’s Fancy Bear Hackers Likely Penetrated a US Federal Agency www.wired.com/story/russias-fancy-bear-hack-us-federal-agency/ New clues indicate that APT28 may be behind a mysterious intrusion that US officials disclosed last week.

MAR-10303705-1.v1 Remote Access Trojan: SLOTHFULMEDIA us-cert.cisa.gov/ncas/analysis-reports/ar20-275a The sample is a dropper, which deploys two files when executed. The first is a remote access tool (RAT) named “mediaplayer.exe”, […]


[HackerNews] APT Hackers Distributed Android Trojan via Syrian e-Government Portal


An advanced persistent threat (APT) actor has been tracked in a new campaign deploying Android malware via the Syrian e-Government Web Portal, indicating an upgraded arsenal designed to compromise victims. “To the best of our knowledge, this is the first time that the group has been publicly observed using malicious Android applications as part of […]


[SANS ISC] CVE-2021-1675: Incomplete Patch and Leaked RCE Exploit, (Wed, Jun 30th)


[preliminary. please let us know if we missed something or made any mistakes] As part of Microsoft’s June patch Tuesday, Microsoft released a patch for CVE-2021-1675. At the time, the vulnerability was considered a privilege escalation vulnerability. Microsoft considered exploitation “less likely” [1]. On June 21st, Microsoft modified the description of the vulnerability upgrading it […]
