While most of us celebrate Labor Day let's all try to take a moment to remember those who don't get to spend time with their loved ones today, wherever they may be and whatever they may be doing!
I don't know how this report slid under my radar, but the ESET research team unveiled a "Marioesque" themed adversary, #MoustachedBouncer! They are a cyberespionage group that targets foreign embassies in Belarus with the use of their ISP-level access and their tools #NightClub and #Disco. Using their (assumed) unique level of access, they compromise their targets by redirecting them to a fake #Microsoft update site which loads JavaScript code that then leads to a zip file being downloaded. The team wasn't able to get the zip file, but they were still able to identify some TTPs and #LOLBINS abuse, such as creating a malicious scheduled task. I hope you enjoy and Happy Hunting!
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday #LaborDay
Black Hat and DefCon were amazing. the amount of thoughtful researchers, experts, hackers and gov't officials gives you hope that we're (kinda) on the right path
here are some stories from Las Vegas last week #BlackHat #DEFCON31 #blackhat2023
-- Taiwan
https://therecord.media/china-taiwan-critical-infrastructure-attacks-us-easterly
-- CIRCIA/ransomware
https://therecord.media/cyber-incident-reporting-cisa-circia-ransomware-easterly
-- Cryptocurrency zero-days
https://therecord.media/multiple-vulnerabilities-affecting-crypto-platform-bitforge
-- Viasat attack update
https://therecord.media/viasat-hack-was-two-incidents-and-resulted-in-sanctions
-- Open Source and Memory Safe languages
https://therecord.media/white-house-calls-for-help-on-open-source-security
-- Belarus using #MoustachedBouncer
https://therecord.media/espionage-hackers-targeting-embassies-belarus
-- Moovit vulnerabilities
https://therecord.media/moovit-vulnerabilities-allow-free-subway-rides
-- CODESYS vulnerabilities
https://therecord.media/microsoft-reveals-vulnerabilities-codesys
-- DDoS attacks on gaming
https://therecord.media/ddos-attacks-tied-to-gaming-business-disputes-fbi-says
-- Yashma ransomware
see ya next year!
HackRead: MoustachedBouncer Hackers Caught Spying on Embassies https://www.hackread.com/moustachedbouncer-hackers-spying-on-embassies/ #MoustachedBouncer #CyberAttacks #StrongPity #Security #Belarus #Malware #Russia #Spying #Turla