101010.pl is one of the many independent Mastodon servers you can use to participate in the fediverse.
101010.pl czyli najstarszy polski serwer Mastodon. Posiadamy wpisy do 2048 znaków.

Server stats:

484
active users

#cyberespionage

0 posts0 participants0 posts today

Cyberespionage groups or cybercriminals? UAV and C-UAV vendors and buyers are increasingly targeted.

#Resecurity had an interesting post on the topic.

As an example: about 1 GB of compressed #FortemTechnologies internal files wound up in the hands of an adversary, but Fortem denies there was any breach, claiming (wait for it):

" There was no breach. The files in question were attached to emails that had been shared outside of our network."

Shared intentionally with an adversary or cybercriminal? I tend to doubt that....

databreaches.net/2025/02/19/cy

Replied in thread

The witnesses, who included the dirs of the #FBI, the #NSA, the #DIA, & the State Dept’s #INR, spoke about a panoply of challenges, from an ambitious #China to the proliferation of #ArtificialIntelligence & the continuing #threat of #cyberespionage & #CyberWarfare. Brett Holmgren, the State Dept’s top #intelligence ofcl, said that the power of #AI could “lower the barrier” for #UnitedStates adversaries to engage in #ElectionInterference.

#NationalSecurity #ForeignPolicy #terrorism #geopolitics

"🚨 #NKabuse Exposed: North Korean APT's Sophisticated Cyber Espionage 🕵️‍♂️🌍"

Kaspersky's Global Emergency Response Team (GERT) and GReAT have identified a new multiplatform threat named "NKAbuse," which exploits the NKN (New Kind of Network) protocol. This malware, written in Go, targets primarily Linux desktops but can also infect MISP and ARM systems, posing a risk to IoT devices. NKAbuse infiltrates systems by uploading an implant, establishing persistence through a cron job, and installing itself in the host's home folder. It offers a range of capabilities, including flooding, backdoor access, and remote administration (RAT).

The initial attack vector exploited an old vulnerability related to Struts2 (CVE-2017-5638 - Apache Struts2), targeting a financial company. NKAbuse uses the NKN protocol for bot communication, enabling it to perform a variety of DDoS attacks and act as a backdoor. It also has RAT capabilities, allowing it to capture screenshots, manage files, and execute system commands. This threat is notable for its use of blockchain technology, ensuring reliability and anonymity, and has been detected in Colombia, Mexico, and Vietnam.

The article, written by Costin Raiu, Brian Bartholomew, and team, unravels IoC's and NKabuse's tactics, including a custom backdoor and strategic web compromises. 🧩🔐

Source: Securelist - Unveiling NKabuse

Tags: #CyberEspionage #APT #NorthKorea #CyberSecurity #KonniRAT #StateSponsored #CyberThreats #SocialEngineering #Malware #InfoSecCommunity

Kaspersky · Unveiling NKAbuse: a new multiplatform threat abusing the NKN protocolBy Kaspersky GERT

NEW episode of DISCARDED 🎙️✨

Greg Lesnewich joins us to talk about recent activity from the Russian APT #TA422 that includes exploiting two different vulnerabilities. We also dive into the importance of knowing and examining biases, the use of less fancy malware and more living off the land tactics by Russian groups, and why people call him Gregles.

#cyberespionage #threathunting #APT

Apple: lnkd.in/efsaiDVH
Spotify: lnkd.in/eJpcAfz7
Google: lnkd.in/eg_Rpc5q

lnkd.inLinkedInThis link will take you to a page that’s not on LinkedIn