
Category: Threat Intel Reports
-
Hackers breach US firm over Wi-Fi from Russia in ‘Nearest Neighbor Attack’
Bill Toulas reports: Russian state hackers APT28 (Fancy Bear/Forest Blizzard/Sofacy) breached a U.S. company through its enterprise WiFi network while…
-
Cobalt Strike Beacon Detected – 118[.]193[.]37[.]157:8889
[November 23, 2024](https://www.redpacketsecurity.com/2024/11/) Cobalt Strike Beacon Detection Alerts > The Information provided at…
-
UK: Prison layouts reportedly leaked on dark web
Lucy Clarke-Billings reports: The Ministry of Justice has said it is aware of a data breach affecting prisons in England…
-
North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn
The North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10…
-
Trump taps border hawk to head DHS. Will Noem’s ‘enthusiasm’ extend to digital domain?
Meanwhile, CISA chief…
-
Google Exposes GLASSBRIDGE: A Pro-China Influence Network of Fake News Sites
Government agencies and non-governmental organizations in the United States have become the target of a…
-
Microsoft seized 240 sites used by the ONNX phishing service
Microsoft disrupted the ONNX phishing service, seizing 240 sites and naming an Egyptian man as the operator behind the operation. Microsoft…
-
Wireshark 4.4.2 Released, (Sat, Nov 23rd)
**Published**: 2024-11-23. **Last Updated**: 2024-11-23 12:42:31…
-
China-linked APT Gelsemium uses a new Linux backdoor dubbed WolfsBane
China-linked APT Gelsemium has been observed using a new Linux backdoor dubbed WolfsBane in attacks targeting East and Southeast Asia. China-linked…
-
Decrypting a PDF With a User Password, (Sat, Nov 23rd)
**Published**: 2024-11-23. **Last…

