F-Secure reports the NRSMiner cryptocurrency miner, known to user EternalBlue to propagate inside networks, has updated to a newer version labsblog.f-secure.com/2019/01/03/nrs…

Dark Reading | Internet Searches Reveal Surprisingly Prevalent Ransomware stpmvt.com/3z5Abqd

NEWS: WithSecure™ has discovered a new Infostealer Malware, dubbed “DUCKTAIL” which can hijack Facebook Business accounts labs.withsecure.com/publications/d… #CyberAttack #cybersecurity #malware #Facebook

GarbageMan: for when you absolutely, positively have to find them #Formbook #IOCs in your .NET heap: labs.withsecure.com/tools/garbagem…

[1/5] Well as you know me there is no trash I would recommend -> I highly recommend to give a try and play with these newly released set of tools #GarbageMan made by WithSecure™. Works like charm for #NET analysis🙏🙌😍 Github:github.com/WithSecureLabs… Blog:labs.withsecure.com/tools/garbagem…

I love ATT&CK - but the ways some vendors operationalize it is misleading and often useless. 🧵

SOC analysts and detection engineers who like to publicly write/talk about detection content should put out more about the false positives they usually have to deal with. I feel that false positives often suffer from what academics call the "Publication bias"

NEWS: DUCKTAIL, a Vietnam-based cyber crime group discovered by WithSecure, has expanded and evolved their operations. Their attacks cost businesses hundreds of thousands of dollars. Read more in our new report >> labs.withsecure.com/publications/d… #cyberattacks #Ducktail #cybersecurity

NEW RESEARCH: WithSecure’s r0zetta details several interesting prompt engineering tricks that could be used to creatively abuse GPT-3, forcing people to become even more skeptical about what they read>> labs.withsecure.com/publications/c… #AI #GPT3 #MachineLearning #cybersecurity #infosec

Let's continue our ATT&CK misunderstandings series & discuss procedures. People sometimes assume ATT&CK is trying to cover every possible way a (sub-)technique can be done, but our procedures only cover what we've seen in public reporting tied to Groups, Software, or Campaigns.

NEW RESEARCH: WithSecure Labs publishes a report documenting the movement of SILKLOADER from Chinese cyber criminals to Russian #ransomware gangs, including CONTI and it’s various affiliates/offspring. Read the report here--> labs.withsecure.com/publications/s… #SILKLOADER #Cyberattack

Are language model "hallucinations" always useless? Might they be used to generate new research ideas? After all, some of the most interesting developments in machine learning have happened by chance. In this short thread, I'll present some findings on this topic. 1/10

NEW RESEARCH: In their latest report, Kazem and NeeRaj Singh dive into Vietnamese cyber crime targeting Meta Business accounts, with specific attention paid to DUCKTAIL & a new threat called DUCKPORT labs.withsecure.com/publications/m… #meettheducks #ducktail #duckport #CyberSecurity

1/3 I am happy to share the latest research I had been working on - "Meet the Ducks". We've witnessed an uptick of threat activity surrounding #Meta's ad ecosystem from Vietnam since early 2023 - some highlighted by us as well as other vendors & security researchers in the past.

🧵 #DUCKTAIL has adapted their infection chain in a short span of time since our latest report was published. I have summarized their latest execution chain in the attached figure. In short:

A couple thoughts on ATT&CK Evaluations...yes, the marketing is ridiculous. I also hope the useful parts of these evaluations won't get completely lost in that. You can find a lot of insight on tools if you dive into the results. Here are some example questions to consider...

'Tis the season to be talking about trends! Sharing his thoughts with Silicon Republic, WithSecure™'s Neeraj Singh (NeeRaj Singh) tells us what he thinks we'll be seeing in cyber security in 2024 #cybersecurity #predictions withsecure.smh.re/2CW