Cybersecurity

8716 readers
23 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago
MODERATORS
kid@sh.itjust.works
Lanky_Pomegranate530@midwest.social
listing: all - local
1
24
Canada, US warn of China’s BRICKSTORM malware after incident response efforts (therecord.media)
submitted 1 day ago by Scotty@scribe.disroot.org to c/cybersecurity@sh.itjust.works
0 comments fedilink
 
 

cross-posted from: https://scribe.disroot.org/post/5953090

Archived version

Here is the original Cisa report: BRICKSTORM Backdoor

...

Chinese hackers are using a strain of malware to attack governments in several countries and maintain long-term access, according to U.S. and Canadian cybersecurity officials.

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and Canadian Centre for Cyber Security published an advisory on Thursday outlining the BRICKSTORM malware based off an analysis of eight samples taken from victim organizations.

...

“BRICKSTORM is a sophisticated and stealthy backdoor malware linked to PRC state-sponsored cyber actors,” said CISA Executive Assistant Director for Cybersecurity Nick Andersen.

The advisory includes indicators of compromise and detections organizations can use to tell if they have been impacted by the campaign involving the malware. The malware is used “for long-term persistence on victim systems,” according to U.S. agencies.

...

The goal of the campaign is to steal valuable intellectual property and sensitive data — with a particular focus on the email inboxes of senior company leaders, according to Mandiant. The company attributed the campaign to a threat actor they previously accused of abusing vulnerabilities in firewall products from tech company Ivanti.

...

2
20
Cloudflare blames today's outage on emergency React2Shell patch (www.bleepingcomputer.com)
submitted 1 day ago* (last edited 1 day ago) by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
 
 

This was not an attack; the change was deployed by our team to help mitigate the industry-wide vulnerability disclosed this week in React Server Components. We will share more information as we have it today.

3
40
Cloudflare down, websites offline with 500 Internal Server Error (www.bleepingcomputer.com)
submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
1 comments fedilink
 
 

Seems to be over now.

4
12
GoldFactory Hits Southeast Asia with Modified Banking Apps Driving 11,000+ Infections (thehackernews.com)
submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
5
16
WebXR Flaw Hits 4 Billion Chromium Users, Update Your Browser Now – Hackread (hackread.com)
submitted 1 day ago* (last edited 1 day ago) by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
1 comments fedilink
6
11
To Catch a Predator: Leak exposes the internal operations of Intellexa’s mercenary spyware - Amnesty International Security Lab (securitylab.amnesty.org)
submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
7
3
2025 ISC2 Cybersecurity Workforce Study (www.isc2.org)
submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
8
8
700Credit Reveals Data Breach - TechRepublic (www.techrepublic.com)
submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
9
6
Microsoft ignores LNK vulnerability, 0patch steps in | Cybernews (cybernews.com)
submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
1 comments fedilink
10
5
Splunk Enterprise Vulnerabilities Allows Privileges Escalation Via Incorrect File Permissions (cybersecuritynews.com)
submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
11
4
Hackers are exploiting ArrayOS AG VPN flaw to plant webshells (www.bleepingcomputer.com)
submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
12
3
New GhostFrame Phishing Framework Hits Over One Million Attacks - Infosecurity Magazine (www.infosecurity-magazine.com)
submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
13
31
29.7 Tbps DDoS Attack Via Aisuru botnet Breaks Internet With New World Record (cybersecuritynews.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
1 comments fedilink
14
22
India Orders Messaging Apps to Work Only With Active SIM Cards to Prevent Fraud and Misuse (thehackernews.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
2 comments fedilink
15
2
LummaC2 Infects North Korean Hacker Device Linked to Bybit Heist – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More (hackread.com)
submitted 1 day ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
16
9
CISA warns of Chinese "BrickStorm" malware attacks on VMware servers (www.bleepingcomputer.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
17
10
Malicious Rust packages targeted Web3 developers - Help Net Security (www.helpnetsecurity.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
18
17
Freedom Mobile discloses data breach exposing customer data (www.bleepingcomputer.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
19
13
Penn and Phoenix Universities Disclose Data Breach After Oracle Hack - SecurityWeek (www.securityweek.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
20
9
ValleyRAT Campaign Targets Job Seekers, Abuses Foxit PDF Reader for DLL Side-loading | Trend Micro (US) (www.trendmicro.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
21
9
Fake ChatGPT Atlas Browser Used in ClickFix Attack to Steal Passwords – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More (hackread.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
22
10
Critical React and Next.js Flaw Lets Remote Attackers Run Malicious Code (gbhackers.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
23
11
UK Ransomware Payment Ban to Come with Exemptions - Infosecurity Magazine (www.infosecurity-magazine.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
24
6
Google fixes two Android zero days exploited in attacks, 107 flaws (www.bleepingcomputer.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
25
8
Marquis data breach impacts over 74 US banks, credit unions (www.bleepingcomputer.com)
submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
0 comments fedilink
view more: next ›