20th October – Threat Intelligence Report

For the latest discoveries in cyber research for the week of 20th October, please download our Threat Intelligence Bulletin. Top Attacks and Breaches: F5 has disclosed a cyber attack, reportedly carried out by a nation-state actor with long-term, persistent access to critical product development environments. The attacker exfiltrated files that included portions of BIG-IP source…


Using Syscall() for Obfuscation/Fileless Activity

I found another piece of malware this weekend. This one looks more like a proof-of-concept because the second-stage payload is really "simple", but it attracted my attention because it uses a nice technique to obfuscate the code. The dropper is a simple Python script (SHA256: e6f7afb92153561ff6c584fee1b04fb132ba984e8a28ca63708a88ebad15b939) with a low VT score of 4/62[1]. The script contains…


A Strategic Response to the F5 BIG-IP Nation-State Breach

In mid-October 2025, the cybersecurity landscape was dealt a severe blow. F5 disclosed a long-term, sophisticated breach by a nation-state threat actor. This was not a typical vulnerability disclosure. The attackers exfiltrated a strategically critical pair of assets: portions of BIG-IP source code, and internal details of undisclosed (unpatched) vulnerabilities. The U.S. Cybersecurity and Infrastructure…


TikTok Videos Promoting Malware Installation

Attackers are everywhere! They try to abuse victims using new communication channels and social engineering techniques! Somebody pointed me to the following TikTok video: hxxps://vm[.]tiktok[.]com/ZGdaCkbEF/. The author pretends to provide you an easy way to activate Photoshop for free. Note that the video has already been liked more than 500 times! The technique is similar to…


Denial of Fuzzing: Rust in the Windows kernel

Summary: Check Point Research (CPR) identified a security vulnerability in January 2025 affecting the new Rust-based kernel component of the Graphics Device Interface (commonly known as GDI) in Windows. We promptly reported this issue to Microsoft and they fixed the vulnerability starting with OS Build 26100.4202 in the KB5058499 update preview released on May 28th 2025. In the following sections, we…


New Alpha Release: Tor Browser 15.0a4

Tor Browser 15.0a4 is now available from the Tor Browser download page and also from our distribution directory. This version includes important security updates to Firefox. Release Candidate: If all goes as planned, this will be our last alpha release in the 15.0 series before it is promoted to stable in the last week of…
