GreyKeep Security Blog - Page 4 of 9

Weekly Malware Roundup – September 11, 2023

greykeep · September 11, 2023 ·

GreyKeep Security Malware Roundup - September 5, 2023

This is the GreyKeep Security Malware Roundup for September 11, 2023. Here’s a summary of what’s in this week’s edition:

Targets

Android
Windows (NTLMv2)
Windows (Advanced Installer)
Microsoft IIS
Microsoft Teams
Cisco ASA

Apple MacOS
Apple iPhone
Fortinet SSL-VPN
Zoho ManageEngine
Facebook Messenger
IRM Next Generation

Organizations

Ukraine
Cybersecurity researchers

Graphic designers
Hotels and resorts

Threat Actors

North Korea
Lazarus (N. Korea)
APT28/Fancy Bear (Russia)

APT34 (Iran)
Charming Kitten (Iran)
Hive0117

[Read more…]

Cybersecurity Daily: September 8, 2023

greykeep · September 9, 2023 ·

GreyKeep Security Cybersecurity Daily News

Your daily dose of relevant cybersecurity advisories, industry news, and product updates for September 8, 2023.

Advisories

[Read more…]

MinIO Exploit Reveals Novel Cloud Attack Vector

greykeep · September 7, 2023 ·

Photo by Engin Akyurt

Researchers at Security Joes recently discovered threat actors leveraging critical vulnerabilities in MinIO to infiltrate a cloud network. According to the blog post, the attack represents a novel approach to compromising cloud assets using non-native solutions.

[Read more…]

Weekly Malware Roundup – September 5, 2023

greykeep · September 5, 2023 ·

This is the GreyKeep Security Malware Roundup for September 5, 2023. Here’s a summary of what’s in this week’s edition:

Targets

Barracuda ESG
Juniper firewalls
Windows Container Isolation Framework
SQL Server
Android
Apache RocketMQ

OpenFire
MinIO
Signal
Telegram
PyPi, NPM, RubyGems repositories

Organizations

FBI and Justice Department
Uyghurs
FANAP (Iran)

UK Ministry of Defence
South Korean activists

[Read more…]

FBI Takes Down Qakbot Botnet in “Duck Hunt”

greykeep · September 1, 2023 ·

Qakbot rubber ducky — Photo by Timothy Dykes

The FBI and Justice Department spearheaded an international law enforcement effort to dismantle the Qakbot botnet. The operation, codenamed “Operation Duck Hunt”, involved agencies from the United States, France, Germany, Latvia, the Netherlands, Romania, and the United Kingdom. Hailed as “the largest U.S.-led financial and technical disruption of a botnet infrastructure leveraged by cybercriminals,” the operation led to the seizure of $8.6 million in illicit cryptocurrency profits.

[Read more…]