Obfuscated backdoor attack: Simple but Undetected PowerShell Backdoor – SANS. This is a more complex read, but if you are in the business it is a real help to see how these old-school attacks still work.
Developers beware! Attacks on the code supply chain
The security team at the open source repository, NPM, have removed 17 malware-infected JavaScript libraries from their servers. This is important as many code developers depend on the trust of NPM to develop applications that we all use, and if they use infected code, then that will be …
You should know that Phishing is not always done by email
There is an article on the SANS Internet Storm Diary looking at a phishing attack/exploit that is running on Discord: Phishing Direct Messages via Discord (sans.edu). Now you may not know what Discord is, but your takeaway from this blog post is that phishing is not just something that attacks …
Apple sues now Google sues
I wrote about Apple suing the NSO Group, the manufacturers of our friend the Pegasus spyware. Now Google are going after named individuals they allege are involved with hackers that have attacked and stolen Google user information from around the world. Google sues alleged Russian cyber criminals – BBC News …
Network abuse – keep your eyes open
Rather than your eyes, have the right types of monitoring systems installed to give you peace of mind. It has become quite a thing that malware packages install crypto mining software on the victim’s machine, stealing compute cycles, power, performance and network bandwidth from you. Here is an article from …