/ When Hackers hack the Hackers - Malware Analysis for a group targeting Malware Developers
Detailed analysis revealed Command & Control (C2) connections using Discord for communication.
https://www.r-tec.net/r-tec-blog-when-hackers-hack-the-hackers.html
P.S. Malicious domains with Cobalt Strike C2, Remcos C2 already blocked in OpenBLD.net DNS
www.r-tec.net
When Hackers hack the Hackers
In this post, the malware analysis process, as well as attacker activities and Indicators of Compromise (IoCs) are presented.
Open workshop: Configuration drift – managing application configuration
June 13 (Tuesday), 19:00 MSK. Details
Program:
• What is configuration drift?
• What can the architecture of configuration drift look like?
• We will walk through an example implementation of configuration drift
Presenter:
Alexander Krylov – over 7 years of DevOps experience. Regular speaker at DevOps conf, TeamLead conf, Highload conf. Author of the Haproxy course at Rebrain.
/ Cisco AnyConnect for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM (High)
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw
Cisco
Cisco Security Advisory: Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows…
A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM.…
/ Update. Barracuda Email Security Gateway Appliance (ESG) Vulnerability
ACTION NOTICE: Impacted ESG appliances must be immediately replaced regardless of patch version level.
Barracuda’s remediation recommendation at this time is full replacement of the impacted ESG:
https://www.barracuda.com/company/legal/esg-vulnerability
Prev post:
https://news.1rj.ru/str/sysadm_in_channel/4655
/ MFA is no protection against this critical new Fortinet vulnerability, CVE-2023-27997
https://www.thestack.technology/fortinet-vulnerability-vpn-cve-2023-27997/
The Stack
MFA no protection against new Fortinet bug CVE-2023-27997
"It is a pre-auth RCE [and] has been proven to be exploitable in a consistent manner; we found it during a Red Team engagement and have exploited it remotely..."
Several infosec events will take place in Almaty on June 15 and 20
- June 15: Trend Micro, as part of its global Risk to Resilience roadshow: https://resources.trendmicro.com/R2R-WT23-Almaty-Russian.html
- June 20: for the first time in Kazakhstan, Positive Security Day (A. Lukatsky will even be there): https://psdaykz.ptsecurity.com/
/ Elastic Security Labs has discovered the SPECTRALVIPER malware
https://www.elastic.co/security-labs/elastic-charms-spectralviper
www.elastic.co
Elastic charms SPECTRALVIPER — Elastic Security Labs
Elastic Security Labs has discovered the P8LOADER, POWERSEAL, and SPECTRALVIPER malware families targeting a national Vietnamese agribusiness. REF2754 shares malware and motivational elements of the REF4322 and APT32 activity groups.
/ UI Bug in Visual Studio Lets Attackers Impersonate Publishers
https://www.varonis.com/blog/visual-studio-bug
Varonis
Imposter Syndrome: UI Bug in Visual Studio Lets Attackers Impersonate Publishers
Varonis Threat Labs found a bug in Microsoft Visual Studio installer that allows an attacker to impersonate a publisher and issue a malicious extension to compromise a targeted system
🚀 Experience the Power of AI-Powered Anomaly Detection in Netdata!
Revolutionize your infrastructure monitoring with Netdata's cutting-edge AI/ML capabilities. Discover the next level of automated anomaly detection and prediction, setting new standards for open-source monitoring tools 💪
Prepare to be amazed by Netdata's anomaly features and unlock these remarkable qualities:
— Anomaly Advisor: Quickly surface potentially anomalous metrics and charts
— Predictive Analytics: Leverage AI and ML to predict future trends and potential issues
— Real-Time Anomaly Detection: With ML predictions for each collected metric
— Alerting and Remediation: Intelligent alerting with AI and ML to create context-aware alerts
— Non-stop Research and Development: Developers actively explore and develop new AI and ML-driven features
🔧 How It Works: See detailed article
Whether you're involved in metric collection, monitoring, or observability, Netdata.cloud is your ultimate destination ✨ Peace ✌️
/ Detecting and mitigating a multi-stage AiTM phishing and BEC campaign
https://www.microsoft.com/en-us/security/blog/2023/06/08/detecting-and-mitigating-a-multi-stage-aitm-phishing-and-bec-campaign/
Microsoft News
Detecting and mitigating a multi-stage AiTM phishing and BEC campaign
A multi-stage adversary-in-the-middle (AiTM) and business email compromise (BEC) attack targets banking and financial services organizations.
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
/ Skuld: The Infostealer that Speaks Golang
This new malware strain tries to steal sensitive information from its victims:
https://www.trellix.com/en-us/about/newsroom/stories/research/skuld-the-infostealer-that-speaks-golang.html
Trellix
Skuld: The Infostealer that Speaks Golang
In May 2023, the Trellix Advanced Research Center discovered a new Golang stealer, known as Skuld, that compromised systems worldwide. The malware targets sensitive information stored in certain applications, such as Discord and web browsers, and the Windows…
Open workshop Networks by Rebrain: Fundamentals of building Wi-Fi networks
• June 22 (Thursday), 20:00 MSK. Details
Program:
• Physical fundamentals of radio signal transmission
• WLAN planning and deployment
• Advanced configuration of access points and radio bridges
• Performance testing and protection against attacks
Presenter:
• Olga Yanovskaya – Ph.D. in Information Technology. Cisco NetAcad Instructor/Instructor-Trainer. Lead network engineer.
Open SysConf'23 ⚡ Day X: September 16 (Saturday)
Guys and girls, the Open SysConf'23 meetup date is September 16 (Saturday), 2023.
Zip up your flies, button your blouses, iron your shoelaces and hair (those who have it), and plan to come to the meetup on this wonderful and, I'm sure, sunny-in-every-respect day ☀️
Maybe our meetup is missing exactly your talk..?
— Speaker registration form
Venue: to be decided. Location: Almaty, Kazakhstan.
Peace to all ✌️
/ Two XSS Vulnerabilities in Azure with Embedded postMessage IFrames
https://orca.security/resources/blog/examining-two-xss-vulnerabilities-in-azure-services/
/ MOVEit Transfer Critical Vulnerability – CVE Pending (June 15, 2023)
Description and mitigation steps:
https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-15June2023
Progress
MOVEit Transfer Critical Vulnerability – CVE-2023-35708 (June 15, 2023) - Progress Community
Progress has discovered a vulnerability in MOVEit Transfer that could lead to escalated privileges and potential unauthorized access to the environment. If you are a MOVEit Transfer customer, it is extremely important that you take immediate action as noted…
/ VMware ESXi Zero-Day Used by Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors
https://www.mandiant.com/resources/blog/vmware-esxi-zero-day-bypass
Google Cloud Blog
VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors | Mandiant…
/ Mystic Stealer – Evolving “stealth” Malware
Mystic Stealer has begun to establish a stronger foothold in the threat landscape, as evidenced by the rising number of command and control (C2) panels observed in the wild... 50 active command and control (C2) servers, indicating the growing prevalence of this threat..
Description and mitigation steps:
https://www.cyfirma.com/outofband/mystic-stealer-evolving-stealth-malware/
CYFIRMA
Mystic Stealer - Evolving "stealth" Malware - CYFIRMA
EXECUTIVE SUMMARY Information stealers pose an ongoing and dynamic threat to the security of both individuals and organizations. CYFIRMA’s Research...
/ Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks
https://msrc.microsoft.com/blog/2023/06/microsoft-response-to-layer-7-distributed-denial-of-service-ddos-attacks/