Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
9 résultats taggé threat-actor  ✕
Mitigating ELUSIVE COMET Zoom remote control attacks - The Trail of Bits Blog https://blog.trailofbits.com/2025/04/17/mitigating-elusive-comet-zoom-remote-control-attacks/
21/04/2025 09:10:28
QRCode
archive.org

When our CEO received an invitation to appear on “Bloomberg Crypto,” he immediately recognized the hallmarks of a sophisticated social engineering campaign. What appeared to be a legitimate media opportunity was, in fact, the latest operation by ELUSIVE COMET—a threat actor responsible for millions in cryptocurrency theft through carefully constructed social engineering attacks.

This post details our encounter with ELUSIVE COMET, explains their attack methodology targeting the Zoom remote control feature, and provides concrete defensive measures organizations can implement to protect themselves.

trailofbits EN 2025 ELUSIVE-COMET CEO invitation zoom threat-actor social-engineering crypto
Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit https://www.securityweek.com/threat-actor-allegedly-selling-fortinet-firewall-zero-day-exploit/
20/04/2025 12:44:39
QRCode
archive.org

A threat actor claims to offer a zero-day exploit for an unauthenticated remote code execution vulnerability in Fortinet firewalls.

securityweek EN 2025 Threat-Actor Selling Fortinet Firewall Zero-Day Exploit darkweb
EncryptHub's dual life: Cybercriminal vs Windows bug-bounty researcher https://www.bleepingcomputer.com/news/security/encrypthubs-dual-life-cybercriminal-vs-windows-bug-bounty-researcher/
08/04/2025 08:36:46
QRCode
archive.org
thumbnail

EncryptHub, a notorious threat actor linked to breaches at 618 organizations, is believed to have reported two Windows zero-day vulnerabilities to Microsoft, revealing a conflicted figure straddling the line between cybercrime and security research.

bleepingcomputer EN 2025 Cybercrime EncryptHub Hacker Microsoft Threat-Actor White-Hat-Hacker Zero-Day
31 new ransomware groups were discovered in 2024 https://www.securitymagazine.com/articles/101123-31-new-ransomware-groups-were-discovered-in-2024
29/10/2024 13:39:43
QRCode
archive.org
thumbnail

A report by Secureworks revealed a 30% year-over-year rise in active ransomware groups, which demonstrates fragmentation of an established criminal ecosystem.

securitymagazine EN 2024 threat-actor threat-analysis threat-alerts fragmentation ransomware groups report
NullBulge | Threat Actor Masquerades as Hacktivist Group Rebelling Against AI https://www.sentinelone.com/labs/nullbulge-threat-actor-masquerades-as-hacktivist-group-rebelling-against-ai/
18/07/2024 23:35:48
QRCode
archive.org
thumbnail

Actors are masquerading as hacktivists targeting AI-centric communities with commodity malware and customized LockBit payloads.

sentinelone EN 2024 NullBulge threat-actor hacktivists fake malware LockBit
Hacking Employers and Seeking Employment: Two Job-Related Campaigns Bear Hallmarks of North Korean Threat Actors https://unit42.paloaltonetworks.com/two-campaigns-by-north-korea-bad-actors-target-job-hunters/
22/11/2023 15:44:33
QRCode
archive.org
thumbnail

Two ongoing campaigns bear hallmarks of North Korean state-sponsored threat actors, posing in job-seeking roles to distribute malware or conduct espionage.

unit42 EN 2023 North-Korea Job-Related Campaigns threat-actor job-seeking malware espionage
Negotiating with LockBit: Uncovering the Evolution of Operations and Newly Established Rules https://analyst1.com/blog-negotiating-with-lockbit-uncovering-the-evolution-of-operations-and-newly-established-rules/
17/11/2023 14:55:57
QRCode
archive.org

What defines success for ransomware actors during an attack? Breaching a victim’s network, exfiltrating valuable data, and encrypting systems are crucial components. However, the ultimate measurement of success is the actor’s ability to extort a ransom payment, which determines if they achieve their financial goals. Navigating the ransom negotiation phase, whether conducted by the victims themselves or designated recovery firms, demands a high level of expertise and a deep understanding of the attackers involved. This includes studying of the threat actor’s profile, tactics, and evolving strategies. In this complex landscape, there is no one-size-fits-all playbook for successfully managing the negotiation phase, as each ransomware group exhibits distinct behaviors and adopts new tactics shaped by many factors.

analyst1 EN 2023 LockBit threat-actor TTP ransomware group
Exposing DuckTail https://www.zscaler.com/blogs/security-research/ducktail-threat-actor-expose
30/08/2023 17:29:24
QRCode
archive.org
thumbnail

A comprehensive exploration of DuckTail's sophisticated infrastructure and insights gained from months of monitoring.

zscaler EN 2023 DuckTail insights analysis threat-actor
Looking for the ‘Sliver’ lining: Hunting for emerging command-and-control frameworks - Microsoft Security Blog https://www.microsoft.com/security/blog/2022/08/24/looking-for-the-sliver-lining-hunting-for-emerging-command-and-control-frameworks/
25/08/2022 14:34:56
QRCode
archive.org
thumbnail

Threat actors evade detection by adopting the Sliver command-and-control (C2) framework in intrusion campaigns.

microsoft EN 2022 Sliver C2 framework command-and-control threat-actor
4259 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio