- + NVIDIA shader out-of-bounds and eleven LevelOne router vulnerabilities—Cisco Talos' Vulnerability Research team recently discovered five Nvidia out-of-bounds access vulnerabilities in shader processing, as well as el...
- + Threat actors use copyright infringement phishing lure to deploy infostealers—Cisco Talos has observed an unknown threat actor conducting a phishing campaign targeting Facebook business and advertising account users in Taiwan....
- + Writing a BugSleep C2 server and detecting its traffic with Snort—In June 2024, security researchers published their analysis of a novel implant dubbed “MuddyRot” (aka "BugSleep"). This...
- + How LLMs could help defenders write better and faster detection—Most users will associate large language models (LLMs) like ChatGPT with answering basic questions or helping to write basic lines of text. ...
- + Talos IR trends Q3 2024: Identity-based operations loom large—Threat actors are increasingly conducting identity-based attacks across a range of operations that are proving highly effective, with credential theft...
- + Threat Spotlight: WarmCookie/BadSpace—WarmCookie is a malware family that emerged in April 2024 and has been distributed via regularly conducted malspam and malvertising campaigns. ...
- + Highlighting TA866/Asylum Ambuscade Activity Since 2021—TA866 (also known as Asylum Ambuscade) is a threat actor that has been conducting intrusion operations since at least 2020. TA866 has frequen...
- + Threat actor abuses Gophish to deliver new PowerRAT and DCRAT—Cisco Talos recently discovered a phishing campaign using an open-source phishing toolkit called Gophish by an unknown threat actor. ...
- + Akira ransomware continues to evolve—Akira continues to cement its position as one of the most prevalent ransomware operations in the threat landscape, according to Cisco Talos’...
- + What I’ve learned in my first 7-ish years in cybersecurity—When I first interviewed with Joel Esler for my position at Cisco Talos, I remember when the time came for me to ask questions, one thing stood out. I...
- + UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants—By Dmytro Korzhevin, Asheer Malhotra, Vanja Svajcer and Vitor Ventura. Cisco Talos has observed a new wave of attacks active since at least ...
- + Protecting major events: An incident response blueprint—Ensuring the cybersecurity of major events — whether it’s sports, professional conferences, expos, inter-government meetings or other ga...
- + What NIST’s latest password standards mean, and why the old ones weren’t working—Say goodbye to the days of using the “@” symbol to mean “a” in your password or replacing an “S” with a ...
- + Ghidra data type archive for Windows driver functions—While reverse-engineering Windows drivers with Ghidra, it is common to encounter a function or data type that is not recognized during disassembly. ...
- + Vulnerability in popular PDF reader could lead to arbitrary code execution; Multiple issues in GNOME project—Cisco Talos’ Vulnerability Research team recently disclosed six new security vulnerabilities across a range of software, including one in a pop...
- + Largest Patch Tuesday since July includes two exploited in the wild, three critical vulnerabilities—The largest Microsoft Patch Tuesday since July includes two vulnerabilities that have been exploited in the wild and three other critical issues acros...
- + CISA is warning us (again) about the threat to critical infrastructure networks—Government-run water systems and other critical infrastructure are still at risk from state-sponsored actors, according to a renewed warning from ...
- + Threat actor believed to be spreading new MedusaLocker variant since 2022—Cisco Talos has discovered a financially motivated threat actor, active since 2022, recently observed delivering a MedusaLocker ransomware variant....
- + Are hardware supply chain attacks “cyber attacks?”—The recent attacks in the Middle East triggering explosions on pagers have raised new fears around physical hardware supply chain attacks. I...
- + Simple Mail Transfer Pirates: How threat actors are abusing third-party infrastructure to send spam—Attackers are abusing normal features of legitimate web sites to transmit spam, such as the traditional method of verifying the creation of a new acco...
- + Talos discovers denial-of-service vulnerability in Microsoft Audio Bus; Potential remote code execution in popular open-source PLC—Cisco Talos’ Vulnerability Research team recently disclosed two vulnerabilities in Microsoft products that have been patched by the company ove...
- + Talk of election security is good, but we still need more money to solve the problem—Last week, six Secretaries of State testified to U.S. Congress about the current state of election security ahead of November’s Presidential ...
- + We can try to bridge the cybersecurity skills gap, but that doesn’t necessarily mean more jobs for defenders—I have written about the dreaded “cybersecurity skills gap” more times than I can remember in this newsletter, but I feel like it...
- + Vulnerability in Acrobat Reader could lead to remote code execution; Microsoft patches information disclosure issue in Windows API—Cisco Talos’ Vulnerability Research team discovered two vulnerabilities that have been disclosed and fixed over the past few weeks. Talos dis...
- + Four zero-days included in group of 79 vulnerabilities Microsoft discloses, including one with 9.8 severity score—Microsoft disclosed four vulnerabilities that are actively being exploited in the wild as part of its regular Patch Tuesday security update this ...
- + DragonRank, a Chinese-speaking SEO manipulator service provider—Key Takeaways Cisco Talos is disclosing a new threat called “DragonRank” that primarily targets countries in Asia and a few in E...
- + The 2024 Threat Landscape State of Play—As we head into the final furlong of 2024, we caught up with Talos’ Head of Outreach Nick Biasini to ask him what sort of year it’s been...
As of 10/31/24 8:06pm. Last new 10/31/24 8:06pm. Score: 453