#IAgénérative + #Facebook: the trendy, dangerously explosive cocktail for exfiltrating private or sensitive information via #infostealers! https://blog.sosordi.net/2023/07/ia-generative-facebook-le-cocktail-tendance-dangereusement-explosif-pour-ex-filtrer-des-informations-privees-ou-sensibles-via-des-info-stealers.html
#securite #data #vieprivee #reseauxsociaux
#Infostealers are as alive as ever, wantonly sweeping up whatever business data might be of use to cybercriminals, including OpenAI / #ChatGPT credentials☝️👩💻
#Infostealers are a growing threat. Sure, they've been around for decades, but now it's becoming a much larger market on the #Darkweb. “What we are seeing is an entire #underground #economy and #supporting #infrastructure built around #infostealers, making it not only possible but also potentially #lucrative for relatively #lowskilled #threatactors to get involved,”
https://www.scmagazine.com/news/threat-intelligence/data-log-thefts-explode-as-infostealers-gain-popularity-with-cybercriminals?external_id=HBwZ-n4B490LDY0Z-dKj&external_id_source=mrkto&mkt_tok=MTg4LVVOWi02NjAAAAGLzUgAldBXEeVNitVuN5rpvANUjNCaIIBnTmArpblpBWE5hgFJSS9PoGhu7RxEp5cWxLUDxbLdJ7juuAc83cEfRAyiFxOpe18Kant7MXUMhA
#Hacking #ThreatIntelligence #Cloud #CloudAttackSurface #TOR #DataExfiltration #Exfil #RussianMarket #Cyberespionage #RussiaAPT #ChinaAPT #APT #UseMFA #AttackSurfaceReduction
Struggling to differentiate & prioritize among the large set of opportunistic and “indiscriminate” threats in the landscape? Our new blog aims to help
Threat profiling generally focuses on identifying & prioritizing (rank-ordering) threats motivated to harm your organization. These include threats with clear targeting intent relative to your org or your industry, often a smaller set that is more straightforward to surface. Then comes the large pool of threats that seem to impact most sectors, maybe in some cases your vertical specifically or others trending in threat intel generally, regardless of explicit links to your industry yet
With the high volume of recent activity from threats like #ransomware, #infostealers, & loader/initial access malware like #QakBot, #Gootloader, and many others, I’m seeing more awareness that these often broad-based threats should be on many security teams’ radars. But how do you keep from being overwhelmed by what often feels like an endlessly growing list of new threats?
@tidalcyber's latest blog (https://www.tidalcyber.com/blog/ransomware-threat-profiling-prioritizing-indiscriminate-threats) offers several strategies for helping make more sense out of this subset of threats, using major ransomware-as-a-service operations as a representative case study. Our guidance involves (where possible) leaning on metrics to rank-order groups linked to your industry, using technical sources to identify potential spikes in activity and quantifiably justify increased priority levels, and focusing defenses on discrete TTPs that might be common across the wide pool of these threats (summarized for major #RaaS in the attached table, with data sourced from the Ransomware & Data Extortion mega-matrix available in Tidal’s free Community Edition here: https://app.tidalcyber.com/share/9a0fd4e6-1daf-4f98-a91d-b73003eb2d6a)
These tips are often just a starting point – for more upcoming threat profiling guidance, subscribe to the Tidal blog here https://www.tidalcyber.com/blog and follow us on all major social platforms, and we look forward to hearing what other techniques you use to drive focus in the ever-evolving threat landscape
#threatinformeddefense #threatprofile #risk #intelligence #CTI
"#infostealers": the petty cybercrime that thrives in the shadow of ransomware.
Their goal is to collect all the interesting information present on the device, exfiltrate it, then disappear https://www.lemonde.fr/pixels/article/2023/02/13/les-infostealers-cette-petite-cybercriminalite-qui-prospere-dans-l-ombre-des-rancongiciels_6161611_4408996.html
As we've said in previous posts and in our 2023 threat landscape webinar, #infostealers are one of the top threats we're tracking this year. These pieces of malware are often thought of as more of a personal concern due to their association with pirated video games, but they're increasingly targeting enterprises for a bigger and more valuable information haul.
Today we're excited to release our Director of CTI's latest blog, in which he details specific ways you can defend against many of the techniques used by infostealer operators, and shows you how the Tidal Community Edition can help you with these defenses.
Check it out!
#threatintel #ttp #cybersecurity #threatintelligence #threatinformeddefense
Take a ⏸ . Stop thinking about #ransomware and big #cyberattaque 💥 for a few moments. Come with me, we're going to talk about #malvertising, #SEO poisoning...
All of that to distribute #infostealers. It is hard to imagine the havoc they can wreak on a person's life. And even more so how quickly.
But you think companies don't need to worry about it? Imagine that the individual victim is your employee... that among the stolen data are their credentials for your #VPNSSL, your #Citrix gateway, your VMware VDI environment, your #RDS farm... Are you starting to glimpse what comes next? Do you see it coming, the thunderous #cyberattaque with a big bad #ransomware?
https://www.lemagit.fr/actualites/252529309/Menaces-cyber-le-grand-retour-du-malvertising
The second 2023 issue of #NINAsec is online!
It covers the impact of #JsonWebToken and its vulnerability, then #infostealers, which are stirring up their malicious campaigns in Italy too ⤵️
https://buttondown.email/ninasec/archive/bugs-in-jsonwebtoken-e-spyware-su-phishing-anche/
We're tracking infostealers as one of the biggest threats to enterprises this year. While these have typically been associated with consumer-level attacks, they can have big impacts to businesses. In our latest blog, our Director of CTI, Scott Small, breaks down the infostealer landscape and TTPs commonly used by actors using these pieces of malware. Check it out!
#threatintel #cyberthreatintelligence #cybersecurity #infostealers
BTW, in case you didn't know, I fucking HATE
Sure, the lures are basic, as is the functionality, but they smash and grab every credential they can, exfil it immediately, then self-destruct. Unless you catch it on execution, or over the wire, congrats, all your creds probably got shipped to an access broker, and you never noticed, because these things almost never establish persistence.