If you use #RDP, make sure it's strictly internal, and limited only to specific #admin accounts, and that you *DO NOT* have any #3389 open publicly. That IP will be found (quickly), and your #endpoint will be attacked, if not #breached. #BianLian has shifted their attack model. @cisacyber dropped an advisory this week, here's a decent summary of what's up: https://www.darkreading.com/threat-intelligence/bianlian-cybercrime-group-changes-attack-methods-cisa-advisory-notes?_mc=NL_DR_EDT_DR_weekly_20230518&cid=NL_DR_EDT_DR_weekly_20230518&sp_aid=116563&elq_cid=38046155&sp_eh=144c4ccfdc4bcabeefa4110f1ea26cecf2a866a1c04b99a946a3df0524ced34c&sp_eh=144c4ccfdc4bcabeefa4110f1ea26cecf2a866a1c04b99a946a3df0524ced34c&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Weekly_05.18.23&sp_cid=48613&utm_content=DR_NL_Dark%20Reading%20Weekly_05.18.23
#Hacking #ThreatIntelligence #Cloud #CloudAttackSurface #DataExfiltration #Exfil #AttackSurfaceReduction #Ransomware
#Infostealers are a growing threat. Sure, they've been around for decades, but now it's becoming a much larger market on the #Darkweb. “What we are seeing is an entire #underground #economy and #supporting #infrastructure built around #infostealers, making it not only possible but also potentially #lucrative for relatively #lowskilled #threatactors to get involved,”
https://www.scmagazine.com/news/threat-intelligence/data-log-thefts-explode-as-infostealers-gain-popularity-with-cybercriminals?external_id=HBwZ-n4B490LDY0Z-dKj&external_id_source=mrkto&mkt_tok=MTg4LVVOWi02NjAAAAGLzUgAldBXEeVNitVuN5rpvANUjNCaIIBnTmArpblpBWE5hgFJSS9PoGhu7RxEp5cWxLUDxbLdJ7juuAc83cEfRAyiFxOpe18Kant7MXUMhA
#Hacking #ThreatIntelligence #Cloud #CloudAttackSurface #TOR #DataExfiltration #Exfil #RussianMarket #Cyberespionage #RussiaAPT #ChinaAPT #APT #UseMFA #AttackSurfaceReduction
20 bits a second using high frequency audio. Clever way to target endpoints. The internal speaker seems almost pointless in a lot of machines... Perhaps buildings l vulnerabilities such as this will convince manufacturers to remove them?
#cybersecuritynews #casper #exfil #exfiltration
#ChatGPT calculating #exfil time over DNS queries here. #AWS do publish some lower limits per EC2 Instance [1] though.
FOLLOW US as we test #AI's knowledge on cloud network security!
[1] https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-limits
SharpGmailC2 - Gmail will act as the server, and the implant will exfiltrate data via SMTP and read commands from the C2 (Gmail) via the IMAP protocol
#exfil #redteam #cybersecurity #c2 #infosec