All posts tagged cyber
■■■□□ FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor. https://www.microsoft.com/security/blog/2021/09/27/foggyweb-targeted-nobelium-malware-leads-to-persistent-backdoor/ https://t.me/cKure/9546
September 28, 2021 at 01:08AM
■■■■□ Interesting thread on NTFS streams in Windows OS: writing an EXE into any file’s NTFS stream and running it as a process. We can delete the file even while the process is still running. https://t.co/175lfl2shu https://t.me/cKure/9545
September 27, 2021 at 11:40PM
■■■■■ Apple ‘Still Investigating’ Unpatched and Public iPhone Vulnerabilities. https://www.vice.com/amp/en/article/g5gan4/apple-still-investigating-unpatched-and-public-iphone-vulnerabilities https://t.me/cKure/9544
September 27, 2021 at 11:26PM
■■■□□ Kaspersky researchers have discovered an advanced Trojan, dubbed BloodyStealer, sold on darknet forums and used to steal gamers’ accounts on popular gaming platforms, including Steam, Epic Games Store, and EA Origin. https://t.me/cKure/9543
September 27, 2021 at 11:23PM
■■□□□ Privacy: In iOS 15, the phone is findable even when “Powered off”. https://t.co/gfi4WJfula https://t.me/cKure/9541
September 27, 2021 at 10:55AM
■□□□□ Signal Messaging app goes down amid hosting outage. In their message, they mentioned, “Hold tight, folks! Signal is currently down, due to a hosting outage affecting parts of our service. We’re working on bringing it back up.” https://twitter.com/signalapp/status/1442354759009247232 https://t.me/cKure/9540
September 27, 2021 at 09:54AM
■■■□□ Pure C++, weaponized, fully automated implementation of RottenPotatoNG. https://github.com/klezVirus/CandyPotato https://t.me/cKure/9539
September 27, 2021 at 05:56AM
■■■■■ Tool: CopyCat, a simple wrapper for Mimikatz that bypasses Defender. https://github.com/mobdk/CopyCat https://t.me/cKure/9538
September 27, 2021 at 05:54AM
■■□□□ Interesting thread on Nighthawk C2. https://twitter.com/mariuszbit/status/1442139157774487555 https://t.me/cKure/9537
September 27, 2021 at 05:52AM
■■■□□ Data-Leak: A suspicious hotel guest. Yet another APT group that exploited the ProxyLogon vulnerability in March 2021. https://www.welivesecurity.com/2021/09/23/famoussparrow-suspicious-hotel-guest/ https://t.me/cKure/9536
