Probably worth reposting this for the first day of #100DaysofYARA

This article dissects tactics leveraged during an espionage campaign focused on data exfil of high-value targets in South Asia. Deploying rare techniques, the TTPs suggest similarities between this activity and that of #DragonRank, a Chinese threat group. bit.ly/4hdynPs

Today, I'm releasing the first version of a small web 🚀: rosti.bin.re It provides IOCs and YARA rules collected semi-automatically from public blog posts and reports of almost 200 cybersecurity sites. I hope it proves useful to some of you ... 🙏✨ #ThreatIntel

#DeepSeek, a new and open-source LLM, is a competitor to popular AI models. Our evaluation of DeepSeek reveals that three simple jailbreaking techniques can elicit harmful content from the model. bit.ly/4aFPYwN

Infostealers targeting macOS are evolving rapidly, making continuous monitoring essential, which our team is always on the lookout for. On January 15, our team identified a new infostealer written in Rust on VirusTotal that exhibits many of the same behaviors and targets found

PyPI adds project archiving system to stop malicious updates - Bill Toulas bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

🚨 768 vulnerabilities exploited in 2024—a shocking 20% increase from last year! These vulnerabilities are being weaponized faster than ever, with nearly 1 in 4 exploited on the same day they were disclosed. Read the full report: thehackernews.com/2025/02/768-cv…

🔐 Russian cybercriminals are exploiting new 7-Zip vulnerability (CVE-2025-0411) to target Ukrainian organizations. This flaw bypasses Windows' MotW protections, allowing remote code execution via malicious archives. Learn more about the exploit: thehackernews.com/2025/02/russia…

🔍 New Blog Post: "Linux Detection Engineering - A Continuation on Persistence Mechanisms"🐧 Topics covered: 🔹 LD_PRELOAD hijacking 🔹 Loadable Kernel Modules 🔹 Web Shells 🔹 System account manipulation 🔗PANIX: github.com/Aegrah/PANIX 📖Blog: elastic.co/security-labs/…

🛡️ We added 4 CVEs for #Apache, #Microsoft, & #Paessler to our Known Exploited Vulnerabilities Catalog. Visit go.dhs.gov/Z3Q & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec

🥳 Go 1.23.6 and 1.22.12 are released! 🔐 Security: Includes a security fix for crypto/elliptic (CVE-2025-22866). 🔈 Announcement: groups.google.com/g/golang-annou… 🗃 Download: go.dev/dl/#go1.23.6 #golang

🛑 Security Alert for Veeam Users! CVE-2025-23114 has a CVSS score of 9.0. This new critical Man-in-the-Middle attack could allow hackers to execute arbitrary code on your servers. ✅ Fix is Available! Check out the details here: thehackernews.com/2025/02/new-ve…

How do infostealers targeting macOS leverage its native AppleScript framework to maximize impact? Taking advantage of AppleScript’s extensive OS access, bad actors use social engineering techniques to gain access, then steal financial details and more. bit.ly/40Wq9We

🛡️ We added #LinuxKernel out-of-bounds write vulnerability CVE-2024-53104 to our Known Exploited Vulnerabilities Catalog. Visit go.dhs.gov/Z3Q & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec

Enabling organisations to uplift their cyber security using #ZeroTrust and #Secure-by-Design is a core priority for us. If you manage networks or procure IT, we want your insights to provide relevant, meaningful guidance. Have your say 👉 cyber.gov.au/resources-busi…

New Article: "Approaching the Summit on Linux Persistence"🐧 Topics covered: 🔹Pluggable Authentication Module (PAM) Backdoors 🔹Abusing pam_exec 🔹Malicious DPKG & RPM Packages 🔹Docker Container Persistence 🔗PANIX: github.com/Aegrah/PANIX 📖Blog: elastic.co/security-labs/…

🛡️ We added 2 Microsoft Windows & 2 Zyxel DSL CPE OS vulnerabilities to our Known Exploited Vulnerabilities Catalog. Visit bit.ly/3ZqTVlz & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec

🛡️ We added Apple iOS & iPadOS vulnerability CVE-2025-24200 and Mitel SIP Phones vulnerability CVE-2024-41710 to our Known Exploited Vulnerabilities Catalog. Visit bit.ly/3ZqTVlz & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec

#ElasticSecurityLabs is exposing REF7707, an attack campaign in Asia that brought 2 brand new #malware: PATHLOADER and FINALDRAFT. The #Windows executable pairs with a C++ malware focused on data exfiltration and process injection. Learn more: go.es.io/4aZuL0Y