Deepak Joshi’s Post

Check out our latest Russia/Ukraine update! We cover the most recent cyber threats reported, review threat groups and looking forward. #optiv #russiaukrainewar #apt https://lnkd.in/gAZbqNJp

📢 New Advisory Reveals Shocking Tactics of Cyber Espionage Group Gamaredon, Formed by Ex-Ukrainian Security Officers Defected to Russia. Ukraine's CERT-UA warns of ongoing attacks on government communication systems using malware like GammaSteel. Stay vigilant and read the full report 👉 #CyberSecurity #ThreatIntelligence #UkraineSecurityhttps://buff.ly/44rpgo3

𝐈𝐫𝐚𝐧𝐢𝐚𝐧 𝐀𝐏𝐓 𝐇𝐢𝐭𝐬 𝐔𝐒 𝐀𝐯𝐢𝐚𝐭𝐢𝐨𝐧 𝐎𝐫𝐠 𝐯𝐢𝐚 𝐌𝐚𝐧𝐚𝐠𝐞𝐄𝐧𝐠𝐢𝐧𝐞, 𝐅𝐨𝐫𝐭𝐢𝐧𝐞𝐭 𝐁𝐮𝐠𝐬 The aviation incident is not the first instance of Iranian APTs targeting the interests of the US federal government. Last year, an Iranian government-sponsored group used the Log4Shell vulnerability to breach the US Federal Civilian Executive Branch systems and leave malware. Read more: https://lnkd.in/dicdZfpk #infosec #informationsecurity #hacking #cybersecurity #cybersec  #cybercrime #cyberdefense #hacker #bugbounty #bughunting #bugbountytips

The Dutch military suffered an attack from Chinese hackers last year, leading to malware being deployed on a number of devices on its network. #cybersecurity #infosec #dataprotection #itsecurity #networksecurity #cyberawareness #securetech #cyberdefense #threatintelligence #securityupdates #securityawareness #securenetworking #privacymatters #digitalsecurity #cloudsecurity

A highly sophisticated state-sponsored threat actor linked to Iran's Ministry of Intelligence and Security has been conducting a year-long espionage campaign targeting prominent organizations in the Middle East. The campaign, known as "Scarred Manticore" and "Shrouded Snooper," has impacted various regional sectors, including government, military, finance, IT, and telecommunications. The group employs a stealthy, customizable malware framework to extract payloads from incoming traffic, demonstrating an advanced level of cyber espionage capabilities. https://lnkd.in/dw8whh6e #cybersecurity #cyberespionage #malware #securityawareness #security #privacymatters #privacy #infosecurity #infosec

The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive for federal agencies to patch Ivanti VPN vulnerabilities on Friday. “At this point, we are investigating the potential targeting of agencies but have not confirmed any compromises,” Eric Goldstein, executive assistant director for cybersecurity at CISA, said during a media call Friday. CISA said it has observed “widespread and active exploitation” of the Ivanti vulnerabilities which, if exploited together, could lead to a full compromise of networks. Federal executive civilian branch agencies — which make up the government departments and agencies that fall outside of military and intelligence — are expected to meet the deadline before Tuesday. Get the full story from CyberScoop here: https://lnkd.in/ezzdNZiq #Cybersecurity #FederalCyber #ThreatHunting #DataProtection #NetworkSecurity #CyberScoop #CISA #ECS

#CISA advisory issued with federal and international partners warns cyber defenders of the #VoltTyphoon #APT campaign targeting the US critical infrastructure. Detect associated malicious activity with a set of detection rules in the SOC Prime Platform. https://lnkd.in/dfdvWeFe #hacker #threathunting #threatdetection #infosec #DFIR #cybersec

Cyber security officials urge 'vigilance' against threats as Zelenskyy visits Canada As Ukrainian President Volodymyr Zelenskyy visits Canada, top security officials are re-issuing a call to "adopt a heightened state of vigilance, and to bolster … awareness of and protection against malicious cyber threats." Continue Reading Here: https://lnkd.in/gaAF4Cx4 Follow Infosec Foundation for Cyber security updates #Infosecfoundation #ransomware #phishing #datasecurity #cyberattack #cybersecurity

The text discusses a cyber espionage campaign conducted by a threat actor known as Scarred Manticore. The campaign, discovered by Check Point researchers in collaboration with Sygnia, has targeted victims in countries such as Saudi Arabia, the United Arab Emirates, Jordan, Kuwait, Oman, Iraq, and Israel. Scarred Manticore has been linked to the Iranian group Storm-0861 and exhibits similarities with another Iranian group called OilRig. The actor uses a malware framework called LIONTAIL, which is installed on Windows servers and allows for remote command execution. The campaign also utilizes a backdoor known as HTTPSnoop and has targeted telecom providers in the Middle East. The attacks involve infiltrating publicly facing Windows servers to deliver malware and extract sensitive data. Scarred Manticore's tactics and tools have evolved over time, indicating the group's resources and skills. The targeting of Israel coincides with the ongoing conflict with Hamas and suggests nation-state actors' strategic use of information operations. The FBI has warned about the potential for cyber targeting of American interests and critical infrastructure by Iran and non-state actors. Overall, the threat actor's activities demonstrate a persistent and sophisticated approach to cyber espionage. #soc #socanalyst #securityoperationscenter #cybersecurityanalyst #cybersecuritynews #malware #cyberattacks #micorsoft #vulnerability #securityawareness #Cisco #redteam #blueteam

Chinese hackers breached 20,000 FortiGate systems worldwide The Dutch Military Intelligence and Security Service (MIVD) warned today that the impact of a Chinese cyber-espionage campaign unveiled earlier this year is "much larger than previously known." As the MIVD disclosed in February in a joint report with the General Intelligence and Security Service (AIVD), Chinese hackers exploited a critical FortiOS/FortiProxy remote code execution vulnerability (CVE-2022-42475) over a few months between 2022 and 2023 to deploy malware on vulnerable Fortigate network security appliances. https://lnkd.in/eAkW2CSA #cybernews #fortinet #fortios #china #cybersecurity #malware #vulnerability