Opportunità Unica! La Polizia di Stato ricerca 177 cyber-ispettori per dare battaglia ai criminali informatici

#redhotcyber #online #it #web #ai #hacking #privacy #cybersecurity #cybercrime #intelligence #intelligenzaartificiale

redhotcyber.com/post/opportuni…

#100DaysofYARA Day36: LNK Droppers used by Russian APT in a past campaign 🐧

github.com/RustyNoob-619/…

My first encounter with LNK files and Base64 content

🚨Cluster25 investigated a possible #APT campaign targeting #Russian dissidents. Using different lures, the #attacks aimed at organizations and citizens, leveraging a #reverseshell . Read more on: blog.cluster25.duskrise.com/2024/01/30/rus…

It took #Microsoft about 2 months to detect a compromise by a nation-state adversary. Now, the question to ask yourself, to learn from this event, is: how long would it take me ? 🙄 #APT #APT 29 #MidNightBlizzard #Nobelium

🎆 🎇 Wishing all of you guys a glitch-free 2024 ! May your code be secure, your firewalls impenetrable, and your New Year filled with encrypted adventures. 🙂 🌐 🎉 #HappyNewYear

I wrote here a blogpost about how #ALPHV / #BlackCat gang managed to 'unseize' their DLS (Dedicated Leak Site). To be fair, it must be said that they technically did not 'unseized' anything 😄
emanueledelucia.net/a-blackcat-and…

Had a look at the #QBot / #QakBot kill-chain for its recent comeback. Long-story-short: msiexec.exe -> MSI[\dA-Z]+\.tmp -> rundll32.exe -> KROST.dll,hvsi #Sigma rule available at github.com/edelucia/rules…

🚨A seemingly legitimate #LinkedIn profile contacts you via direct message and offers you a job, sending a PDF file. This is the beginning of a bad story that leads to #DUCKTAIL infection. Read more on: blog.cluster25.duskrise.com/2023/10/25/the…

🚨 Cluster25 has uncovered phishing attacks likely linked to a pro-Russia nation-State adversary. These attacks, conducted in the context of the RU-UA conflict zone, leverage a recently discovered vulnerability (CVE-2023-38831) affecting WinRAR. Read more: blog.cluster25.duskrise.com/2023/10/12/cve…

We are happy to announce that #Cluster25 is now integrated with #OpenCTI through a dedicated connector. OpenCTI connectors are a crucial components to enable organizations to easily ingest, enrich and/or export data. github.com/OpenCTI-Platfo…

#InfamousChisel #Sandworm #APT #Suricata github.com/edelucia/rules…