Author: nlqip

The 2024 RSA Conference has officially wrapped, and this year’s event served as the perfect backdrop for us to make our re-introduction to the industry. Introducing LevelBlue, the Trusted Cybersecurity Advisors On day one of RSA, we officially announced the launch of LevelBlue, formerly known as AT&T Cybersecurity. Signifying an exciting new start for the…

Read More

May 13, 2024NewsroomSoftware Security / Malware Cybersecurity researchers have identified a malicious Python package that purports to be an offshoot of the popular requests library and has been found concealing a Golang-version of the Sliver command-and-control (C2) framework within a PNG image of the project’s logo. The package employing this steganographic trickery is requests-darwin-lite, which…

Read More

Aside from the lack of password security, NTLM has several other behaviors that make it a hacker’s paradise. First, it doesn’t require any local connection to a Windows Domain. Also, it is needed when using a local account and when you don’t know who the intended target server is. On top of these weaknesses, it…

Read More

The English-speaking actor named IntelBroker claimed that she gained access to Zscaler and that this access information was for sale in Breachforums. Allegedly, the actor has SMTP, certificate and many other access. BreachForums, also known as Breached, was a notorious English-language hacking forum launched in March 2022 as a successor to RaidForums. It gained notoriety…

Read More

‘While we expect this process will take time to complete, we are making progress and systems are being restored in a coordinated manner at each of our care sites,’ Ascension said in an update over the weekend. Days after a reported ransomware attack paralyzed Ascension health system, shutting down its electronic health records system and…

Read More

A recent investigation by Recorded Future, a threat intelligence firm, has raised alarms about the use of Large Language Models (LLMs) as a powerful tool in information warfare. The company uncovered a network called CopyCop, allegedly linked to Russia, which has been leveraging LLMs to manipulate news from mainstream media outlets and spread disinformation. While…

Read More

​Europol, the European Union’s law enforcement agency, confirmed that its Europol Platform for Experts (EPE) portal was breached and is now investigating the incident after a threat actor claimed they stole For Official Use Only (FOUO) documents containing classified data. EPE is an online platform law enforcement experts use to “share knowledge, best practices and non-personal data…

Read More

​Europol, the European Union’s law enforcement agency, confirmed that its Europol Platform for Experts (EPE) portal was breached and is now investigating the incident after a threat actor claimed they stole For Official Use Only (FOUO) documents containing classified data. EPE is an online platform law enforcement experts use to “share knowledge, best practices and non-personal data…

Read More

The financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to deliver MSIX installers that culminate in the deployment of NetSupport RAT. “The threat actors used malicious websites to impersonate well-known brands, including AnyDesk, WinSCP, BlackRock, Asana, Concur, The Wall Street Journal, Workable, and…

Read More

Sixty-eight technology companies have joined the Cybersecurity and Infrastructure Security Agency’s (CISA) Joint Cyber Defense Collaborative (JCDC). This public-private partnership aims to bolster the nation’s cyber defenses by fostering collaboration between government agencies and private sector organizations. This significant move comes in response to the increasing frequency and sophistication of cyberattacks targeting critical infrastructure and…

Read More