Claim OwnershipThe Cyber Threat Perspective
Subscribed: 6Played: 16
Subscribe
© 2024 The Cyber Threat Perspective
Description
Step into the ever-evolving world of cybersecurity with the offensive security group from SecurIT360. We’re bringing you fresh content from our journeys into penetration testing, threat research and various other interesting topics.
113 Episodes
Reverse
This week we are replaying one of our earliest episodes. In this episode, Brad and Spencer discuss the THREE primary ways we gain initial access on penetration tests and how to stop us! The moral of this story is that these are attack vectors we see adversaries using day in and day out to compromise organizations. We hope this episode helps you track down and close those gaps in your own environments.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
This is the November 2023 Cyber Threat Recap. Every day our Cyber Threat Intelligence team is tracking, researching, and analyzing threats, vulnerabilities, exploits, and techniques with the purpose of keeping you up-to-date on what's relevant and important in the industry. So you can be more prepared today than you were yesterday to protect your organization.Okta Breach/1PasswordOkta says its support system was breached using stolen credentials1Password Detects Suspicious Activity Following Okta Support BreachHackers Stole Access Tokens from Okta’s Support Unit – Krebs on SecurityOcto Tempesthttps://www.microsoft.com/en-us/security/blog/2023/10/25/octo-tempest-crosses-boundaries-to-facilitate-extortion-encryption-and-destruction/Trendshttps://www.simplilearn.com/top-cybersecurity-trends-articleThe 10 Biggest Cyber Security Trends In 2024 Everyone Must Be Ready For NowBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
In this week's reviewUber was hackedMicrosoft Teams stores auth tokens as cleartext in Windows, Linux, MacsRansomware Developers Turn to Intermittent Encryption to Evade DetectionBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
In this week's review:New EvilProxy Phishing Service Allowing Cybercriminals to Bypass 2-Factor SecurityNew Linux Malware Evades Detection Using Multi-stage DeploymentBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
In this week's reviewRoasting 0ktapus: The phishing campaign going after Okta identity credentialsAdvanced BEC Scam Campaign Targeting Executives on O365The Rise of LNK Files (T1547.009) and Ways To Detect ThemBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
In this week's reviewHackers Breach LastPass Developer System to Steal Source CodeYou Can’t Audit Me: APT29 Continues Targeting Microsoft 365 | MandiantThe GitLab 2022 Global DevSecOps SurveyBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
In this week's reviewCleartext Shenanigans: Gifting User Passwords to Adversaries With NPPSPYRealtek SDK Vulnerability Exposes RoutersInfoSec Handlers Diary Blog - SANS Internet Storm CenterCVE-2022-27255 - Realtek eCos SDK SIP ALG buffer overflowClop Ransomware Gang Breaches Water Utility, Just Not the Right Onehttps://twitter.com/malwrhunterteam/status/1559244860636413952?s=20&t=ixiTRaQ9aflHzI37D_VlwQhttps://twitter.com/UK_Daniel_Card/status/1559252446320500741?s=20&t=ixiTRaQ9aflHzI37D_VlwQBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
In this week's reviewBumbleBee Roasts Its Way to Domain AdminSMS & Voice Phishing Attackshttps://www.twilio.com/blog/august-2022-social-engineering-attackhttps://blog.cloudflare.com/2022-07-sms-phishing-attacks/https://blog.talosintelligence.com/2022/08/recent-cyber-attack.htmlBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
In this week's reviewLarge-Scale AiTM Attack targeting enterprise users of Microsoft email servicesDeception at a scaleInitial Access Brokers Are Key to Rise in Ransomware AttacksBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
In this week's reviewIPFS The New Hotbed of PhishingHow Threat Actors Are Adapting to a Post-Macro WorldPalo Alto 2022 Incident Response Threat ReportFewer Ransomware Victims Pay As Medium Ransom Falls in Q2 2022Blog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
In this week's review: Microsoft resumes default blocking of Office macros after updating docshttps://docs.microsoft.com/en-us/deployoffice/security/internet-macros-blockedA potentially dangerous macro has been blockedBlackCat ransomware attacks not merely a byproduct of bad luck'AIG' Threat Group Launches With Unique Business ModelBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
In this week's review:Microsoft DOES plan to work on blocking internet macros by default in Office, their pause is apparently temporaryThe DFIR Report - SELECT XMRig FROM SQLServerHive ransomware gets upgrades in RustFrom cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraudBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
In this week's reviewMicrosoft Rolls Back Decision to Block Office Macros By Default 😢Possible APT29/Ransomware Groups Use of Brute Ratel C4When Pentest Tools Go Brutal: Red-Teaming Tool Being Abused by Malicious ActorsReversing Malware Also How is APT 29 Successful with This Phishing TechniqueRaspberry Robin/QNAPWormRaspberry Robin gets the worm earlyMicrosoft finds Raspberry Robin worm in hundreds of Windows networksNew Raspberry Robin worm uses Windows Installer to drop malwareCloud Misconfig Exposes 3TB of Sensitive Airport Data in Amazon S3 BucketPrevention Takes Priority Over ResponseBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
In this week's reviewRise of LNK (Shortcut files) MalwareLockBit 3.0 Released Now With Bug Bounty ProgramCISA Says PwnKit Exploited in the WildBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
In this week's review:New NTLM Relaying Attack via DFSCoerceRansomware Potential for OneDrive & SharePoint FilesKeeping PowerShell: Security Measures to Use and EmbraceBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
In this week's review:The rise of BlackCat (ALPHV) ransomwareMicrosoft Analysis of BlackCatAdvIntel Analysis of BlackCatRansomware Group Debuts Searchable Victim DataLockBit 2.0: How This RaaS Operates and How to Protect Against ItTranslating Saitama's DNS tunneling messages - SANS Internet Storm CenterPublic Travis CI Logs (Still) Expose Users to Cyber AttacksBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
In this week's review:A DFIR Report with no Ransomware and no Cobalt StrikePath Traversal & MOTW Bypass - DIAGCAB Windows Zero-day aka "Dogwalk"Linux version of Black Basta ransomware targets VMware ESXi serversTA570 Qakbot (Qbot) tries CVE-2022-30190 (Follina) exploit (ms-msdt)Blog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
In this week's review:Microsoft Diagnostics Tool Remote Code Execution Zero DayNew Windows Search zero-day added to Microsoft protocol nightmareVendor Refuses to Remove Backdoor Account That Can...Over 3.6 million exposed MySQL servers on IPv4 and IPv6 |...APTs Overwhelmingly Share Known Vulnerabilities Rather Than Attack O-DaysBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
In This Weeks ReviewPDF Malware Is Not Dead YetDetecting & Preventing Rogue Azure SubscriptionsPython and PHP Library Updated with 'Extra' Features by a "Security Researcher"2022 Verizon Data Breach Investigations ReportZoom: Remote Code Execution with XMPPExploit released for critical VMware auth bypass bugBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
In This Weeks ReviewGootloader & Gootkit Analysis by DFIR Report and Red CanaryAuthenticated PetitPotam Lives On (CVE-2022-26925)The Hunter Becomes the Hunted: Evicting the AdversarySpoofing SaaS Vanity URLS for Social Engineering AttacksBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com
Comments
Download from Google Play
Download from App Store
United States