threat research – Page 16 – PossibleThreat Articles

The scammers who scam scammers on cybercrime forums: Part 4

December 28, 2022 0 Comments breachforums, Exploit, featured, marketplaces, scams, sophos x-ops, threat research, XSS

Credit to Author: Matt Wixey| Date: Wed, 28 Dec 2022 12:00:01 +0000

A shadowy sub-economy is more than just a curiosity – it’s booming business, and also an opportunity for defenders. In the fourth and final part of our series, we look at how scammers scamming scammers can benefit researchers

Security Sophos

The scammers who scam scammers on cybercrime forums: Part 3

December 21, 2022 0 Comments dread, featured, genesis, marketplaces, scams, sophos x-ops, threat research

Credit to Author: Matt Wixey| Date: Wed, 21 Dec 2022 11:00:08 +0000

A shadowy sub-economy is more than just a curiosity – it’s booming business, and also an opportunity for defenders. In the third part of our series, we look at the curious case of twenty fake marketplaces.

Security Sophos

The scammers who scam scammers on cybercrime forums: Part 2

December 14, 2022 0 Comments breachforums, Exploit, marketplaces, RaidForums, scams, sophos x-ops, threat research, XSS

Credit to Author: Matt Wixey| Date: Wed, 14 Dec 2022 12:00:20 +0000

A shadowy sub-economy is more than just a curiosity – it’s booming business, and also an opportunity for defenders. In the second part of our series, we look at the different flavors of scams prevalent on criminal forums

Security Sophos

2022 Patch Tuesday cycle wraps with 48 CVEs, one advisory

December 13, 2022 0 Comments cve-2022-44690, cve-2022-44693, cve-2022-44698, cve-2022-44710, driver certificate deprecation, driver signature enforcement, drivers, Microsoft, Patch Tuesday, threat research, x-ops

Credit to Author: Angela Gunn| Date: Tue, 13 Dec 2022 18:00:22 +0000

Windows-heavy collection closes out a year of elevation-of-privilege vulnerabilities; no Exchange patches in sight

Security Sophos

Signed driver malware moves up the software trust chain

December 13, 2022 0 Comments 2022-12, adv220005, burntcigar, byovd, cuba ransomware, driver signature enforcement, drivers, featured, Patch Tuesday, sbom, security operations, signed drivers, sophos x-ops, supply chain compromise, threat research, whcp, whql, Windows, x-ops

Credit to Author: Andrew Brandt| Date: Tue, 13 Dec 2022 18:00:15 +0000

The criminals signed their AV-killer malware, closely related to one known as BURNTCIGAR, with a legitimate WHCP certificate

Security Sophos

The scammers who scam scammers on cybercrime forums: Part 1

December 7, 2022 0 Comments aaas, breachforums, Exploit, featured, marketplaces, RaidForums, scams, sophos x-ops, threat research, XSS

Credit to Author: Matt Wixey| Date: Wed, 07 Dec 2022 17:00:36 +0000

A shadowy sub-economy is more than just a curiosity – it’s booming business, and also an opportunity for defenders. In the first of a four-part series, we look at the forums involved, and how they deal with scammers scamming scammers

Security Sophos

LockBit 3.0 ‘Black’ attacks and leaks reveal wormable capabilities and tooling

November 30, 2022 0 Comments 0xabababab, blackmatter, featured, lockbit, lockbit black, Ransomware, sophos x-ops, threat research

Credit to Author: Andrew Brandt| Date: Wed, 30 Nov 2022 12:00:17 +0000

Reverse-engineering reveals close similarities to BlackMatter ransomware, with some improvements

Security Sophos

Detection Tools and Human Analysis Lead to a Security Non-Event

November 30, 2022 0 Comments mdr, sophos mdr, sophos x-ops, spearphishing, threat research

Credit to Author: Angela Gunn| Date: Wed, 30 Nov 2022 12:00:13 +0000

A look at how MDR turned a targeted attack into a non-event, in which no high-value credentials are compromised and several dozen employees are not tricked into letting a bad guy get boots on the ground

Security Sophos