Exploit – PossibleThreat Articles

Independent Krebs Security

How Did Authorities Identify the Alleged Lockbit Boss?

May 13, 2024 0 Comments 3k@xakep.ru, 7.9521020220, A Little Sunshine, antichat, Breadcrumbs, cerber, constella intelligence, d.horoshev@gmail.com, dmitrij ju horoshev, dmitry yuriyevich khoroshev, Exploit, icq number 669316, intel 471, khoroshev1@icloud.com, lockbit, lockbitsupp, Ne'er-Do-Well News, nerowolfe, pin@darktower.su, putinkrab, Ransomware, Ransomware as a Service, sitedev5@yandex.ru, stairwell.ru, tkaner.com, u.s. department of the treasury, verified

Credit to Author: BrianKrebs| Date: Mon, 13 May 2024 11:26:27 +0000

Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit’s leader “LockBitSupp” claims the feds named the wrong guy, saying the charges don’t explain how they connected him to Khoroshev. This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years.

Security Sophos

For the win? Offensive research contests on criminal forums

August 29, 2023 0 Comments Exploit, featured, marketplaces, sophos x-ops, threat research, XSS

Credit to Author: Matt Wixey| Date: Tue, 29 Aug 2023 10:00:17 +0000

We explore some of the entries in recent cybercrime research competitions, and what they say about threat actor innovation and priorities

Security Sophos

Apple ships that recent “Rapid Response” spyware patch to everyone, fixes a second zero-day

July 24, 2023 0 Comments Apple, Exploit, triangulation, vulnerability, zero day

Credit to Author: Paul Ducklin| Date: Mon, 24 Jul 2023 23:18:20 +0000

Another month, another patch for in-the-wild iPhone malware (and a whole lot more).

Security Sophos

S3 Ep144: When threat hunting goes down a rabbit hole

July 20, 2023 0 Comments Exploit, Microsoft, Naked Security Podcast, storm, Uncategorized, virus total, zero day, zimbra

Credit to Author: Paul Ducklin| Date: Thu, 20 Jul 2023 14:58:03 +0000

Latest episode – check it out now!

MalwareBytes Security

Zero-day deploys remote code execution vulnerability via Word documents

July 13, 2023 0 Comments Business, cve-2023-36884, email, Exploit, Microsoft, phish, phishing, storm-0978, ukraine, zero day

Categories: Business

Tags: microsoft

Tags: zero-day

Tags: exploit

Tags: CVE-2023-36884

Tags: storm-0978

Tags: email

Tags: phish

Tags: phishing

Tags: Ukraine

We take a look at reports of an exploit being deployed via booby trapped Word documents.

(Read more…)

The post Zero-day deploys remote code execution vulnerability via Word documents appeared first on Malwarebytes Labs.

Security Sophos

Update 5: Information on MOVEit Vulnerabilities CVE-2023-34362, CVE-2023-35036, CVE-2023-35708, and CVE-2023-36934

July 7, 2023 0 Comments cve-2023-34362, cve-2023-35036, cve-2023-35708, cve-2023-36932, cve-2023-36933, cve-2023-36934, dev-0950, Exploit, featured, fin11, mdr, moveit, progress software, security operations, ta505, threat research, vulnerability

Credit to Author: Christopher Budd| Date: Mon, 05 Jun 2023 21:50:09 +0000

Users of the file-transfer package should apply patches immediately and check for indications of possible compromise

Security Sophos

Update 4: Information on MOVEit Vulnerabilities CVE-2023-34362, CVE-2023-35036, and CVE-2023-35708

June 20, 2023 0 Comments cve-2023-34362, cve-2023-35036, cve-2023-35708, dev-0950, Exploit, featured, fin11, moveit, progress software, ta505, threat research, vulnerability

Credit to Author: Christopher Budd| Date: Mon, 05 Jun 2023 21:50:09 +0000

Users of the file-transfer package should apply patches immediately and check for indications of possible compromise

Security Sophos

Update 2: Information on MOVEit Vulnerabilities CVE-2023-34362, CVE-2023-35036, and CVE-2023-35708

June 16, 2023 0 Comments cve-2023-34362, cve-2023-35036, cve-2023-35708, dev-0950, Exploit, featured, fin11, moveit, progress software, ta505, threat research, vulnerability

Credit to Author: Christopher Budd| Date: Mon, 05 Jun 2023 21:50:09 +0000

Users of the file-transfer package should apply patches immediately and check for indications of possible compromise

Security Sophos

Update 2: Information on MOVEit Vulnerabilities CVE-2023-34362 and CVE-2023-35036

June 16, 2023 0 Comments cve-2023-34362, dev-0950, Exploit, featured, fin11, moveit, progress software, ta505, threat research, vulnerability

Credit to Author: Christopher Budd| Date: Mon, 05 Jun 2023 21:50:09 +0000

Users of the file-transfer package should apply patches immediately and check for indications of possible compromise

Security Sophos

Update 1: Information on MOVEit Transfer and MOVEit Cloud Vulnerability CVE-2023-34362

June 6, 2023 0 Comments cve-2023-34362, dev-0950, Exploit, featured, fin11, moveit, progress software, ta505, threat research, vulnerability

Credit to Author: Christopher Budd| Date: Mon, 05 Jun 2023 21:50:09 +0000

Users of the file-transfer package should apply patches immediately and check for indications of possible compromise

← Previous