FortiBleed: Hype vs Reality
Claims say 21k+ domains breached, but CloudSEK found the truth:
❌ Not a zero-day, just brute-forcing
📉 Only 148 actually compromised
🛡️ Secure your admin interfaces
Full analysis & IoCs: https://t.co/XvRnglo2B6
New supply chain threat uncovered
CloudSEK TRIAD found an npm campaign using crypto-javascri, a typosquatted package impersonating crypto-js.
It steals npm/GitHub credentials, hijacks maintainer accounts, and uses Tor-based C2 to stay harder to disrupt.
https://t.co/akr2RpJeDg
CloudSEK TRIAD discovered Silver Fox APT targeting India with Valley RAT via Income Tax phishing. Infrastructure pivoting revealed 10+ related domains with China nexus hosting. Previously misattributed to SideWinder.
https://t.co/AKiE7iivAk
#APT#SilverFox#ValleyRAT
Drawing on in-depth threat intelligence and forensic analysis, the report dismantles overblown claims made by hacktivist groups, revealing that most so-called breaches had little to no real impact on India’s government, education, and critical infrastructure sectors
@cloudsek
A recent analysis reveals that claims of over 100 successful hacktivist attacks on Indian infrastructure are largely exaggerated, with minimal actual impact, while APT36's Crimson RAT poses a genuine threat to government networks. #CyberSecurity#Hacktiv… https://t.co/MbLCuKrcZq
Structured Exception Handling & Vectored Exception Handling has been in long time usage within the Windows ecosystem. I have written a blogpost on a security perspective that leverages them that you might not be aware of.
Link: https://t.co/pcaqLvULwR
Exciting news!
Registration for bi0sCTF 2024 is officially OPEN! Join us in the ultimate cyber battleground. Don't miss out on the action, sign up now at https://t.co/7bMEciTk9q
#bi0sctf#CTF#CyberSecurity