Malware Patrol

We just released a fresh threat actor profile on #APT39, an Iranian state-sponsored group known for cyber espionage, surveillance, and operations targeting telecommunications, travel, and critical infrastructure. #CyberThreatIntelligence #ThreatHunting #Infosec #CyberSecurity

IPv6 aliasing allows devices to have multiple IPv6 addresses, making network traffic appear more distributed. While offering flexibility, it also creates challenges for security teams in detecting and tracing potentially malicious activity. #IPv6Aliasing #IPv6Addresses #ThreatIntelligence #CyberSecurity

We offer free Basic Defense blocklist accounts for EDUs. Request yours here. https://lnkd.in/gk4kErJ

Over 1,000 WordPress sites infected with malicious third-party JavaScript, injecting four separate backdoors. The code is served via cdn.csyndication[.]com, with 908 websites currently affected. #WordPressSites #JavaScript #Backdoors #ThreatIntelligence #CyberSecurity

https://lnkd.in/epMYXNmE

Researchers have uncovered multiple groups of websites imitating the official DeepSeek chatbot platform. These fake sites are distributing harmful code disguised as a client for the popular service. #DeepSeek #Stealers #Backdoors #ThreatIntelligence #CyberSecurity

A cybersecurity threat called SilentCryptoMiner can secretly mine cryptocurrencies on your device without your knowledge. It hides in system processes and can mine various cryptocurrencies like ETH, ETC, XMR, and RTM. #SilentCryptoMiner #malware #BypassTool #ThreatIntelligence #CyberSecurity

The ECB TIBER-EU "Targeted Threat Intelligence Report Guidance" outlines a methodical approach to threat intelligence collection, scenario development, and attack simulation. One of its most useful aspects is its emphasis on contextualisation. Rather than simply listing threats, it requires you to assess threats in relation to the entity’s critical functions, digital footprint, and country and sector-specific risks. Two tools stand out in making this process more effective. Attack Flow allows you to define and sketch attack paths and scenarios. It allows you to include the different steps and decisions and export the scenarios to a format usable in reports. Additionally, MISP Project (@[email protected] ) gives value by providing actual recent indicators and attack techniques used by adversaries. Instead of relying on static threat intelligence, which can quickly become outdated, MISP allows for a dynamic approach, where intelligence feeds directly into the attack scenario development. Reach out if you require more info on scenario development and MISP integration! https://lnkd.in/ed_9Jsmy

Recent cyberattacks by the Qilin ransomware group have affected a cancer treatment clinic in Japan and a women's healthcare facility in the US. #Qilin #Ransomware #CyberAttack #CyberSecurity #CyberSecNews

Interrupt the cyber kill chain by detecting and blocking C2 traffic. Our C2 addresses feed is correlated with MITREattack to include the #malware family's associated TTPs and group(s). https://lnkd.in/e7iGTKXh