Summary: This article discusses the cybersecurity challenges faced by small and medium-sized enterprises (SMEs), including resource and staffing limitations, budget cuts, and the increasing threat of cyber-attacks. Threat Actor: N/A Victim: SMEs Key Points: Around 49% of SME IT teams believe they la…
Tag: MACOS
Summary: This content discusses Realm, an open-source adversary emulation framework that focuses on scalability, reliability, and automation for engagements of any size. Threat Actor: N/A Victim: N/A Key Point: Realm is unique in its custom interpreter written in Rust, allowing complex TTPs to be w…
Summary: Signal is improving the security of its desktop client by changing how it stores encryption keys, addressing a vulnerability that has been downplayed since 2018. Threat Actor: N/A Victim: Signal users Key Point: Signal Desktop for Windows or Mac creates an encrypted SQLite database to stor…
Summary: A malvertising campaign targeting Mac users searching for Microsoft Teams is using advanced techniques to evade detection, highlighting the increasing sophistication of threats affecting macOS. Threat Actor: Atomic Stealer malware Victim: Mac users searching for Mic…
In a new malware campaign, threat actors are using Google ads to target Mac users looking to download Microsoft Teams…
Summary: This content discusses a vulnerability in Ghostscript that could potentially lead to major breaches in the future. Threat Actor: Ghostscript Victim: Users of *nix, Windows, MacOS, and various embedded OSes and platforms…
Summary: Google has announced that starting November 1, 2024, Chrome version 127 and higher will no longer trust new TLS server authentication certificates from Entrust and AffirmTrust due to compliance failures and unfulfilled improvement commitments. Threat Actor: N/A Victim: Website owners Key Po…
Qualys TRU has disclosed a Remote Unauthenticated Code Execution (RCE) vulnerability in OpenSSH’s sshd on glibc-based Linux systems that allows unauthenticated remote code execution as root. The flaw is a regression linked to CVE-2006-5051, impacting a large b…
Summary: This blog post discusses a new campaign that is distributing a stealer targeting Mac users via malicious Google ads for the Arc browser. Threat Actor: Rodrigo4 Victim: Mac users Key Point: A new campaign has been observed distributing a stealer targeting Mac users vi…
Poseidon is a macOS stealer campaign distributed through malvertising that lures Mac users with fake Arc browser downloads via malicious Google ads. The Poseidon project is an evolution/rebranding of Atomic Stealer/OSX.RodStealer by threat actor Rodrigo4, adding features like VPN configuration theft and data exfiltration over HTTP to a remote IP and C2 at 79.137.192[.]4/p2p. #PoseidonMacStealer #AtomicStealer #OSXRodStealer #Rodrigo4 #ArcBrowser
Summary: This content provides an overview of Zeek, an open-source network analysis framework that operates as a versatile sensor to monitor network traffic and generate comprehensive logs and output for analysis. Threat Actor: N/A Victim: N/A Key Point: Zeek is an open-source network analysis fram…
Summary: This article discusses a security flaw in the Ollama open-source AI infrastructure platform that could be exploited for remote code execution. Threat Actor: Unknown | Ollama Victim: Ollama Key Point: A security flaw in the Ollama open-source AI infrastructure platform has been dis…
Summary: Google has released a security update for Chrome 126, addressing several vulnerabilities including a high-severity type confusion issue in the V8 script engine. Threat Actor: N/A Victim: N/A Key Point: The security update for Chrome 126 addresses a high-severity type confusion issue in the…
Summary: The content discusses the alarming increase in vulnerabilities across all enterprise software categories and emphasizes the need for alternative approaches to vulnerability monitoring due to delays in associating Common Vulnerabilities and Exposures (CVE) identifiers with Common Platform En…
Summary: Threat actors are increasingly targeting load balancers, leading to a record exploitation rate for this category of devices over a three-year period. Threat Actor: Unknown Victim: Load balancers Key Point: Load balancers have a disproportionately high exploitatio…