DynamicCISO

A clever, new #phishing technique uses #Microsoft Edge #WebView2 applications to steal victim's authentication cookies, allowing threat actors to bypass MFA when logging into stolen accounts. bleepingcomputer.com/news/security/… @rneelmani #infosec #security #girlswhocode #100daysofcode

@CISAgov warned today that threat actors, including state-backed hacking groups, are still targeting #VMware Horizon and Unified Access Gateway (UAG) servers using the #Log4Shell (CVE-2021-44228) remote code execution vulnerability. bleepingcomputer.com/news/security/… @rneelmani #infosec

Industry Consolidation & Platform Approach Will Determine New @Security Paradigm: Vijendra Katiyar, @TrendMicro @dynamicCISO @ISMG_News #100DaysOfCode #Ransomware #Vulnerability #CyberSecurity #CyberAttacks dynamicciso.com/industry-conso…

#Offensivesecurity #startup ⁦@hadriansecurity⁩ has got received €10.5 million ($11 million) in unsolicited seed funding that brings the total invested in company to $13.7 million. ⁦@dynamicCISO⁩ #100daysofcode #cybersecurity securityweek.com/hadrian-raises…

A #PowerShell script was found targeting #cryptocurrency browser extensions or apps, including #Edge, #Chrome, and #Brave. The #hackers could replace a wallet address with their own to steal funds. isc.sans.edu/forums/diary/M… @rneelmani #infosec #cybersecurity #security #hacking

The #NSA, the #CISA, the NZ NCSC & the NCSC-U.K issued an advisory suggesting system admins use #PowerShell to identify and thwart malicious activities on #Windows systems. media.defense.gov/2022/Jun/22/20… #malware #ransomware #infosec #security #cybersecurity #girlswhocode @rneelmani

@McAfee_Labs witnessed a rise in the use of LNK files to deliver #malware such as #BazarLoader, #IcedID, #Emotet, and Qbot, in Q2 2022. The files are delivered via email spam and malicious URLs. #infosec #cybersecurity #security #girlswhocode @rneelmani mcafee.com/blogs/other-bl…

Cyber Spetsnaz is targeting the Lithuanian critical infrastructure and government resources with DDoS attacks after the ban on Russian railway goods.

#Conti affiliates #hacked more than 40 orgs in a little over a month, in a campaign dubbed #ARMattack. The attack occurred between November 17 and December 20, 2021. Blog - group-ib.com/media/conti-ar… @rneelmani #infosec #cybersecurity #security #ciso

@Google's Threat Analysis Group (TAG) says #RCSLabs, an #Italian #spyware vendor, has received help from ISPs to infect #Android and #iOS users in #Italy and #Kazakhstan with commercial #surveillance tools. ⁦@dynamicCISO⁩ #100daysofcode ⁦ bleepingcomputer.com/news/security/…

2 #Chinese #hacking groups conducting cyber #espionage and stealing intellectual property from #Japanese and western companies are deploying #ransomware as a decoy to cover up their malicious activities. ⁦@dynamicCISO⁩ #100daysofcode #infosec bleepingcomputer.com/news/security/…

#Conti #cybercrime syndicate runs one of the most aggressive #ransomware operations and has grown highly organized, and the affiliates were able to hack more than 40 companies in a little over a month. @dynamicCISO #100DaysOfCode @GroupIB_GIB #malware #cybersecurity #cyberattack

@brave Search, the browser developer's #privacy-centric search engine, is celebrating its first anniversary after surpassing 2.5 billion queries and seeing almost 5,000% growth in a year. @dynamicCISO #100DaysOfCode #securebrowsing #secureinternet #dataprivacy #GirlsWhoCode

@Forescout Researchers discovered 56 #vulnerabilities affecting devices from 10 #operationaltechnology (OT) vendors, mostly attributed to inherent design flaws and a lax approach to #security and #risk management ⁦@dynamicCISO⁩ #100daysofcode threatpost.com/discovery-of-5…

#5 Finally, the lessons from #Ukraine call for a coordinated and comprehensive strategy to strengthen defenses against the full range of cyber destructive, #espionage, and influence operations. #infosec #100daysofcode #girlswhocode #security #hacking @rneelmani

#4: In coordination with other #cyber activities, #Russian agencies are conducting global #cyber influence operations to support their war efforts. #infosec #100daysofcode #girlswhocode #security #hacking @rneelmani

@Microsoft's latest report "Defending #Ukraine: Early Lessons from the #CyberWar" offers five conclusions that come from the war’s first four months: A thread! #infosec #UkraineRussiaWar #100daysofcode #girlswhocode #hacking #microsoft @MSFTnews @rneelmani @bettersafetynet

Read the full report at @Microsoft: query.prod.cms.rt.microsoft.com/cms/api/am/bin…