May 2024

"K1w1" InfoStealer Uses gofile.io for Exfiltration, (Fri, May 31st)

Python remains a nice language for attackers and I keep finding interesting scripts that are usually not very well detected by antivirus sol...

Sp123 31 May, 2024

Rent, drive, steal: How luxury car thieves were stopped in their tracks

The international operation began as a Spanish investigation, initiated when car rental and leasing companies in the Málaga area reported mi...

Sp123 31 May, 2024

2023 Activities Summary of SectorJ groups (ENG)

Activity of SectorJ Group: Unlike other government-supported hacking groups, cybercrim...

Sp123 31 May, 2024

Progress Telerik Report Server Receives Security Update for Critical Auth Bypass Vulnerability, CVE-2024-4358

A critical vulnerability has ...

Sp123 30 May, 2024

51 persons arrested in crackdown on labour exploitation

Overall, the results of the action include: 15 313 officers from law enforcement and labour and tax authorities participated in the action; 165...

Sp123 30 May, 2024

Feeding MISP with OSSEC, (Thu, May 30th)

I’ve been a big fan of OSSEC[1] for years. OSSEC (“Open Source Security Event Correlator”) is a comprehensive, open-source host-based intrusion de...

Sp123 30 May, 2024

Volatile Data Acquisition on Linux Systems Using fmem

The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of the views, positions, or in...

Sp123 29 May, 2024

Vidar, Lumma, Atomic and Octo Delivered through GitHub, FileZilla

Researchers report on a new campaign that’s delivering a variety of malware by exploiting GitHub, FileZilla and potentially other legiti...

Sp123 29 May, 2024

LightSpy: Implant for macOS

In October 2023 we posted our research about the notorious surveillance framework LightSpy2. In our research, we proved with a high degree...

Sp123 29 May, 2024

Decrypting Cyber Threats: Tactics, Takedowns, and Resilience

Hello to all our cyber pals! Joining our series host, Selena Larson, is our co-host today, Tim Kromphardt. Together they welcome our special...

Sp123 29 May, 2024

The Evolution of Cyber Threats in the Age of AI: Challenges and Responses

"In war, the importance of speed cannot be overstated. Swift and decisive actions often determine the outcome of battles, as delays ca...

Sp123 28 May, 2024

Multiple vulnerabilities in Eclipse ThreadX

“Why don’t you pick on projects […]

Sp123 28 May, 2024

Update: byte-stats.py Version 0.0.10

This is an update for the entropy calculation. If the number of bytes to calculate statistics for is less than 256, the tool will also prov...

Sp123 27 May, 2024

YARA 4.5.1 Release, (Sun, May 26th)

YARA 4.5.0 was released with a small change to the regex syntax (allowing more whitespace) and many bugfixes.

Sp123 26 May, 2024

0.9.6 is out: Kesakode malware identification!

Malcat version 0.9.6 is out! We have launched our brand-new online hash lookup service: Kesakode. You'll be able to identify (unpacked) ...

Sp123 26 May, 2024

NahamCon CTF 2024 - Writeups

First lemme say that we have SECURED 3rd spot on the CTF! Forensics: Taking up residence. Identifying the file type we got we can see that...

Sp123 25 May, 2024

Reversing A Network Protocol

I also recorded a video for this blog post. I recently helped a colleague and friend with the reversing of a network protocol to update an...

Sp123 25 May, 2024