While most of us celebrate Labor Day let's all try to take a moment to remember those who don't get to spend time with their loved ones today, wherever they may be and whatever they may be doing!

I don't know how this report slid under my radar but the ESET researched team unveil a "Marioesque" themed adversary, #MoustachedBouncer! They are a cyberespionage group that targets foreign embassies in Belarus with the use of their ISP level access and their tools #NightClub and #Disco. Using their (assumed) unique level of access, they compromise their targets by redirecting them to a fake #Microsoft update site which loads JavaScript code then leads to a zip file being downloaded. The team wasn't able to get the zip file, but they were still able to identify some TTPs and #LOLBINS abuse, such as creating a malicious scheduled task. I hope you enjoy and Happy Hunting!

#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday #LaborDay

Black Hat and DefCon were amazing. the amount of thoughtful researchers, experts, hackers and gov't officials gives you hope that we're (kinda) on the right path

here are some stories from Las Vegas last week #BlackHat #DEFCON31 #blackhat2023

-- Taiwan

https://therecord.media/china-taiwan-critical-infrastructure-attacks-us-easterly

-- CIRCIA/ransomware

https://therecord.media/cyber-incident-reporting-cisa-circia-ransomware-easterly

-- Cryptocurrency zero-days

https://therecord.media/multiple-vulnerabilities-affecting-crypto-platform-bitforge

-- Viasat attack update

https://therecord.media/viasat-hack-was-two-incidents-and-resulted-in-sanctions

-- Open Source and Memory Safe languages

https://therecord.media/white-house-calls-for-help-on-open-source-security

-- Belarus using #MoustachedBouncer

https://therecord.media/espionage-hackers-targeting-embassies-belarus

-- Moovit vulnerabilities

https://therecord.media/moovit-vulnerabilities-allow-free-subway-rides

-- CODESYS vulnerabilities

https://therecord.media/microsoft-reveals-vulnerabilities-codesys

-- DDoS attacks on gaming

https://therecord.media/ddos-attacks-tied-to-gaming-business-disputes-fbi-says

-- Yashma ransomware

https://therecord.media/vietnamese-hacker-targets-chinese-bulgarian-organizations-with-new-ransomware

see ya next year!

HackRead: MoustachedBouncer Hackers Caught Spying on Embassies https://www.hackread.com/moustachedbouncer-hackers-spying-on-embassies/ #MoustachedBouncer #CyberAttacks #StrongPity #Security #Belarus #Malware #Russia #Spying #Turla