Derek Krein
- 34 Posts
Cyber Threat Weekly - #4
As the Threat Landscape continues to evolve… We continue to track the latest threat trends and adversary behavioral patterns. Kicking off this week, researchers uncover links between the Sandman threat group and the Chinese government. Next, Lazarus Group (North Korea) is exploiting vulnerable Internet facing servers using Log4Shell (CVE-2021-44228) and
Cyber Threat Weekly - #3
We got quite a bit to cover this week… Let’s start with malvertising to deploy DanaBot leading to CACTUS ransomware. A botnet uncovered by Palo Alto is upping its game. A Russian APT abusing CVE-2023-23397 and other vulnerabilities. Proofpoint tracking similar behavior from nation state threat actor. To keep
Cyber Threat Weekly - #2
Last week we saw some cyber threat patterns and this week they continue. Quite a bit to cover, let’s start with Google Chrome zero-day, now fixed, under active exploitation. Next up, ownCloud bugs mentioned last week are being exploited in the wild. Defender Application Guard for Office and Windows.
Cyber Threat Weekly - #1
This week let's start with an information stealer with a novel anti-sandbox technique, using trigonometry to detect human behavior. Multiple APT groups are exploiting a WinRAR vulnerability. Cl0p’s mass exploitation of MOVEit vulnerabilities is the gift that keeps on giving. The legitimate NetSupport Manager being used for
