Microsoft identified a North Korean threat actor exploiting a zero-day vulnerability in Chromium (CVE-2024-7971) to gain remote code execution. Our assessment of ongoing analysis and observed infrastructure attributes this activity to Citrine Sleet. msft.it/6010l7S6w

Today, Mark Kelly and I released a report on newly discovered #Predator #spyware infrastructure and domains, which are likely utilized during the staging and exploitation phases (1/8): recordedfuture.com/research/preda…

This is notable 👉 CISA says GRU Unit 29155 (Cadet Blizzard / Ember Bear) has used #RaspberryRobin More on #RaspberryRobin here: blog.bushidotoken.net/2023/05/raspbe…

imagine that. medium.com/@truvis.thornt…

"The Technique Inference Engine (TIE) uses a machine learning model trained on cyber threat intelligence to recommend likely TTPs based on a known input TTP." …for-threat-informed-defense.github.io/technique-infe…

The FBI recently sent a warning out regarding DPRK activity against the crypto industry. Today, we documented attacks we've seen on macOS. Attacks start with social engineering and deliver a piece of malware that we call ThiefBucket. jamf.com/blog/jamf-thre… #malware

The latest Microsoft Threat Analysis Center (MTAC) elections report is now available, detailing Russian influence activities by actors such as Storm-1516, Storm-1679, Ruza Flood, Volga Flood, and more: msft.it/6019mpiUN

Happy to have contributed to the ENISA Threat Landscape 2024 - ETL 2024. Explore the threats and trends observed during the latest reporting period on threat actors activity, ransomware, malware, social engineering and more. enisa.europa.eu/publications/e… #CTI #ThreatLandscape

Woah...it might be that time again, for one last time. If you've got something you want to say on the ShmooCon stage, you might want to check out the ShmooCon CFP : shmoocon.org

We are already getting some amazing submissions to CYBERWARCON, but we could definitely use more submissions from folks in underrepresented demos, more from folks who've never presented at the con, and more submissions on cyberattack and info ops. There’s one week left! 1/x

Heyoo I’m hiring a senior manager for our cyber crime team. Come hunt badness with Unit 42 jobs.smartrecruiters.com/PaloAltoNetwor…

We are humbled to have been nominated once again for Team of the Year in the SANS difference makers award. We would honored to receive your vote: sans.org/about/awards/d…

📣NEW LIVE WEBINAR COMING SOON! With Cybersecurity Awareness Month around the corner, CISA wants YOU🤓 to learn more about how to grow the cyber workforce! Secure (and grow!) your workforce with this free webinar Oct. 16th at 2:00pm ET. Check out eventbrite.com/e/filling-the-… for more!

The financially motivated cybercriminal group that Microsoft tracks as Storm-0501 has been observed exfiltrating data and deploying Embargo ransomware after moving laterally from on-premises to the cloud environment. msft.it/6013m5gnf