#endpoint


Newly identified wiper malware 'PathWiper' targets critical infrastructure in Ukraine

A destructive attack on Ukrainian critical infrastructure using a new wiper malware called 'PathWiper' has been observed. The attack, attributed to a Russia-nexus APT group, utilized a legitimate endpoint administration framework to deploy the wiper across connected endpoints. PathWiper overwrites file system artifacts with random data, targeting physical drives, volumes, and network shared drives. Its capabilities are similar to HermeticWiper, previously used against Ukrainian entities. The malware's sophisticated approach to identifying and corrupting connected drives and volumes distinguishes it from earlier wipers. This attack underscores the ongoing threat to Ukrainian infrastructure despite the prolonged conflict with Russia.

Pulse ID: 6841b92b694f10dda07d9db8
Pulse Link: otx.alienvault.com/pulse/6841b
Pulse Author: AlienVault
Created: 2025-06-05 15:35:07

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue - Open Threat Exchange: Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

North Korea Still Attacking Developers via npm

Recent weeks have seen a resurgence of North Korean-aligned groups targeting developers through npm packages. The campaign, which began on August 12, 2024, involves multiple groups using various publication patterns and attack types. The malicious packages contain obfuscated JavaScript that downloads additional components, including Python scripts and interpreters, to exfiltrate sensitive data from cryptocurrency wallets and establish persistence. Some packages use different approaches, such as directly evaluating JavaScript from remote endpoints or executing batch and PowerShell scripts to deploy and conceal malware. This coordinated effort exploits the trust in the npm ecosystem to compromise developers, infiltrate companies, and steal cryptocurrency or other valuable assets.

Pulse ID: 66fa772a3fbfc99e94ebcb65
Pulse Link: otx.alienvault.com/pulse/66fa7
Pulse Author: AlienVault
Created: 2024-09-30 10:02:18

Be advised, this data is unverified and should be considered preliminary. Always do further verification.


And here it gets absurd. The #US government sues #GeorgiaTech for not using that #Endpoint bullshit "security" (like #Cloudstrike). ENDPOINT! You need ENDPOINT! To be compliant!!! Selling snake oil by suing...
It's the same as those "super male" hot air producers like Andrew Tate and others: "ALPHA! You need to become ALPHA! You need to be ALPHA to get a woman and be successful! Pay for our training with punching bags to become ALPHA"

ENDPOINT and AI are the new "ALPHA!!!!!"

theregister.com/2024/08/23/us_

The Register · US sues Georgia Tech over alleged cybersecurity failings as a Pentagon contractor, by Connor Jones

VCURMS: A Simple and Functional Weapon

A phishing campaign was uncovered that entices users to download a malicious Java downloader to spread new VCURMS and STRRAT remote access trojans. The attackers stored malware on public services and used a commercial protector to avoid detection. The receiving endpoint uses Proton Mail for command and control via email.

Pulse ID: 65f3276957b296ae1aad3bc8
Pulse Link: otx.alienvault.com/pulse/65f32
Pulse Author: AlienVault
Created: 2024-03-14 16:35:53

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

AlienVault - Open Threat Exchange: Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

Web Content Filtering in Microsoft Defender for Endpoint allows you to block select categories, such as adult content or illegal content. But it also allows you to run the policies in report-only mode and see the reports without actually blocking anything. And that is not a well-known feature.

You can read today's blog post on how to enable the #audit mode for web #content #filtering in Microsoft #Defender for #Endpoint (#MDE). #cybersecurity #tips cswrld.com/2023/11/report-mode

Cybersecurity World · Report mode in Microsoft Defender for Endpoint Web Content Filtering: Web Content Filtering in Microsoft Defender for Endpoint allows you to filter content based on categories. There are a number of predefined categories to choose from. Web Content Filtering in...

This is a genuine request for input from the community.

A member of upper-middle management for a midsized internet technology company recently explicitly stated that they didn't want to install the company's management agent on their device. "I think for leadership, that sort of thing should be optional" was the quote.

This person is intelligent and capable, and is otherwise someone I would respect as a fellow member of the same circles and business.

This is so contrary to axioms that I hold almost self-evident that I realized I don't even have good arguments. I can endlessly find corners of the internet where this would be akin to "Pi is exactly 3!" at a mathematics convention, but is there ever generally a time, or a company's infrastructure configuration, where simply ignoring endpoint security, or allowing it to be optional, wouldn't just be blatantly stupid?

Besides being aghast and expressing sharp chastisement, how does someone go about even beginning to describe why this cavalier attitude is so abhorrent?

Is there some situation where it's actually a kosher methodology or mindset?

I think I might just be so thrown off guard by the concept that I just can't think of even an obvious answer to start with here.

#secops #security #operations #bestpractice #bestpractices #infosec #devops #endpoint #endpointsecurity #technology

Been seeing a lot more very sophisticated MocuSign (#docusign) #phishing emails this week. I have been updating my #IOC list on my #GitHub. Fraudsters are doing a much better job on their contents, even using legitimate non-phishing sites as a proxy to redirect to the actual #phishing site so they get past email scanners - but they haven't yet gotten past my #endpoint protections (so far, so good).

Keep up to date with my findings in my #IOCs #Repository so you can add them to your platforms as well. I update them multiple times per week: github.com/Geekmaster-General/

GitHub - Geekmaster-General/IOCs: Storage for the IOCs I collect. Contribute to Geekmaster-General/IOCs development by creating an account on GitHub.

@siguza Nice. Here are some additional uBlock filters for also removing the shorts button from the site menu:

www.youtube.com##ytd-guide-entry-renderer > #endpoint[title=Shorts]

and this one for removing the shorts tab from channel pages:

www.youtube.com##tp-yt-paper-tab:has-text("Shorts")