Deep Point Labs
@DeepPointLabs
An Open-Source Cyber Threat Intelligence Think-Tank
To the American people, I say this: As soon as this week, your savings and your pocketbook could be directly impacted by this Republican stunt to block us from raising the debt limit. It’s flat-out dangerous. They need to stop playing Russian roulette with the U.S. economy.
.@nayibbukele just confirmed El Salvador has purchased their first 200 #Bitcoins The game theory that will play out as other countries begin to desire a path to economic independence will be the most important global phenomenon of the 21st century.
Mass exploitation of Atlassian Confluence CVE-2021-26084 is ongoing and expected to accelerate. Please patch immediately if you haven’t already— this cannot wait until after the weekend.
Pegasus: commercial iOS / Android spyware that steals text messages, emails, key logs, audio and information from phones; used by repressive regimes against journalists, human rights activists and fleeing refugees searchsecurity.techtarget.com/definition/Peg…
techtarget.com
What is Pegasus malware? | Definition from TechTarget
Learn how threat actors use Pegasus malware, or spyware, to hack iOS or Android devices to steal corporate and government data, record audio and more.
Operation Trojan Shield - offensive cyber operation that resulted in 800 arrests and the seizure of 22 tons of marijuana, two tons of methamphetamine and more than $48 million in currencies; great score against organized crime @FBI
The EU's Digital Covid Certificate program has remarkable similarities to China's social credit system. Both systems track civilian populations and can be used to hinder / enable long distance travel.
Russian OCOs have executed a cyber influence operation that swayed a presidential election which incited an insurrection on the US Capitol; halted 1/5th of US meat supply, 45% of east coast fuel supply, and 15 million gasoline barrels. They are the most evident APT.
Fraudulent crypto currency offer campaigns are being attributed to ~7,000 incidents of reported losses of more than $80 million from October through March 2021.
On May 12, the Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation (FBI) released a joint cybersecurity advisory: "Darkside Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks." See: us-cert.cisa.gov/sites/default/…
DarkSide ransomware attack on Colonial pipeline impacts 2.5 million gasoline barrels per day; supplies 45% of east coast fuel supply; pipeline down - no recovery eta; may be most disruptive digital ransom operation ever reported
Baduk, a Korean intrusion set, executed a ransomware attack on the DC police department, stealing 250gb of data including the police chief’s reports, lists of arrests and lists of persons of interest; threatening to leak to criminal orgs nytimes.com/2021/04/27/us/…
Browser fingerprinting allows for unique identification and tracking of individuals worldwide. Tracking is based on http headers, plugins, time zone, screen size/depth, cookies, platform, language and more. coveryourtracks.eff.org
Hafnium, a Chinese government backed intrusion set, automated an Exchange exploit and breached 60,000 businesses worldwide; cloud based systems not affected bloomberg.com/news/articles/…
Rich Communication Services (RCS), the SMS replacement protocol, leaves Billions vulnerable to text message intercept, alteration, & surveillance wired.com/story/rcs-text…
O.MG Cable: counterfeit iPhone charging cable that allows attackers to covertly run commands, access files, and push payloads onto victim devices via an embedded hotspot shop.hak5.org/products/o-mg-…
BlueKeep Mitigation Procedures: Disable unused and unneeded RDP services. Block TCP Port 3389. Enable network level authentication in RDP services to prevent attackers from performing remote code execution without valid credentials. searchsecurity.techtarget.com/definition/Blu…
Facebook harvests data from various channels (e.g. WhatsApp, Instagram, Facebook itself, and unrelated sites that use Facebook analytics and software) enabling influence operations world-wide. zdnet.com/article/facebo…
Android 10 Security Features: TLS 1.3, Adiantum disk/file-based encryption, jetpack security library, application sandboxes, privacy/location menus, reoccurring app permission requests, geofence disabling on dormant apps, and resettable user identifiers
Kazakhstan required ISPs to distribute full-access root certificates for a nation-wide traffic monitoring initiative veiled as a security measure wired.com/story/chrome-f…