#confluence #vulnerability #CVE-2023-22518. If you haven't patched it, please do it ASAP. If you are monitoring confluence logs, please monitor the below endpoints for incoming exploit attempts. confluence.atlassian.com/security/cve-2…

Related infrastructure 13.176.179.|41 193.43.72.|11 193.187.172.|73

#APT #Sidewinder e2a3edc708016316477228de885f0c39 The decoy document is information about the itinerary of #Nepali Prime Minister Pushpa Kamal Dahal. After the macro code is run, multiple VBScript files, batch files, and ZIP files containing the #Nim backdoor will be released.

And from this dropbox link in July 2023 : app.any.run/tasks/9371e4e6…

Related malicious URLs to this campaign. IOCs --> pastebin.com/BJs1hMeG malwarebytes.com/blog/threat-in…

Threat actor's continuous campaign against #indian #airforce. The #malware uses Slack as its C2 as mentioned by the existing blog. MD5: 9f8eee2c2096fd9c78488d71af45e59a cyble.com/blog/cyber-esp… CERT-In

There's one more domain impersonating voov. voov-meeting[.]site #Lazarus #DPRK

With Chrome 127 on Windows, we're introducing enhanced encryption to protect sensitive data, starting with your cookies🍪! This helps protect your personal information and keeps your online accounts secure from hackers. Read more about this protection: security.googleblog.com/2024/07/improv…

Awesome blog by Shiva P on #microsoft graph API logs.

Thanks OrangeCon for having me and Shiva P. Had a good time and lots of learnings from the talks.

#contagious_interview #DPRK #famous_chollima are spreading a malicious binary named "Uniswap Sniper Bot With GUI.exe" to steal #crypto wallets and browser information using #beavertail & #invisibileferret cc Uniswap Labs 🦄 C2: 185.153.182[.]241:1224

Recruitment #Phishing for well-known orgs like Google, Meta, YouTube Full list of IOCs is here pastebin.com/K8EezySa ytjobsunit[.]com ytjobspartner[.]com ytjobsmember[.]com metaworkrooms-hiring[.]com metaworkrooms-careers[.]com