Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution
A high-severity security flaw has been disclosed in ProjectDiscovery’s Nuclei, a widely-used open-source vulnerability scanner that, if successfully exploited, could allow attackers to bypass signature checks and potentially execute malicious code. Tracked as CVE-2024-43405, it carries a CVSS score of 7.4 out of a maximum of 10.0. It impacts all versions of Nuclei later than […]
PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps
Cybersecurity researchers have flagged a new malware called PLAYFULGHOST that comes with a wide range of information-gathering features like keylogging, screen capture, audio capture, remote shell, and file transfer/execution. The backdoor, according to Google’s Managed Defense team, shares functional overlaps with a known remote administration tool referred to as Gh0st RAT, which had its source
“Can you try a game I made?” Fake game sites lead to information stealers
The background and the IOCs for this blog were gathered by an Expert helper on our forums and Malwarebytes researchers. Our thanks go out to them. A new, malicious campaign is making the rounds online and it starts simple: Unwitting targets receive a direct message (DM) on a Discord server asking about their interest in […]
Connected contraptions cause conniption for 2024
The holidays are upon us, which means now is the perfect time for gratitude, warmth, and—because modern society has thrust it upon us—gift buying. It’s Bluey and dig kits and LEGOs for kids, Fortnite and AirPods and backpacks for tweens, and, for an adult you particularly love, it’s televisions, air fryers, e-readers, vacuums, dog-feeders, and […]
Celebrating Our Success in 2024
The past year has been transformative for LevelBlue, marked by the launch of our joint business venture with WillJam and AT&T Cybersecurity. Amid the transition, LevelBlue was recognized as a leading provider of managed network security services, managed detection and response, strategic consulting, and threat intelligence by key cybersecurity publications worldwide. From industry-specific honors for […]
LevelBlue SOC Analysts See Sharp Rise in Cyber Threats: Stay Vigilant
This holiday season our SOC analysts have observed a sharp uptick in cyber threat activity. Specifically, they’ve seen a rise in attempted ransomware attacks, which started during the American Thanksgiving holiday period (November 25–31, 2024) and are expected to continue throughout the holiday season. We’re sharing details on the threat actors involved, their tactics, as […]
Decrypting Full Disk Encryption with Dissect
Author: Guus Beckers Back in 2022 Fox-IT decided to open source its proprietary incident response tooling known as Dissect. Since then it has been adopted by many different companies in their regular workflow. For those of you who are not yet familiar with Dissect, it is an incident response framework built with incident response engagements of any […]
Mozilla Faces GDPR Complaint Over New Firefox Tracking Feature
NOYB, a European privacy group has filed a complaint with Austrian authorities, alleging that Mozilla breached GDPR by…
Darktrace AI Halts Thread Hijacking Attack Targeting Major Company
Darktrace AI detected and stopped a thread hijacking attack in real-time, preventing email account compromise and data theft.…
THN Cybersecurity Recap: Last Week’s Top Threats and Trends (September 23-29)
Hold onto your hats, folks, because the cybersecurity world is anything but quiet! Last week, we dodged a bullet when we discovered vulnerabilities in CUPS that could’ve opened the door to remote attacks. Google’s switch to Rust is paying off big time, slashing memory-related vulnerabilities in Android. But it wasn’t all good news – Kaspersky’s […]