Decoding Cobalt Strike Traffic, (Sun, Apr 18th)

In diary entry "Example of Cleartext Cobalt Strike Traffic (Thanks Brad)" I share a capture file I found with unencrypted Cobalt Strike traffic. The traffic is unencrypted since the malicious actors used a trial version of Cobalt Strike. This weekend I carried on with the analysis of that traffic, you can see my findings in […]

Continue Reading

Attack on Codecov Affects Customers

Company Warns Clients’ Information May Have Been ExfiltratedCodecov, a company that tests software code prior to release, has notified customers that attackers had access to its network for a month and placed malware in one of its systems, which may have led to the exfiltration of customers’ information. Source: Bank Info Security

Continue Reading

US Pulls Back Curtain on Russian Cyber Operations

Foreign Intelligence Service’s Techniques, Partners RevealedWhile the Biden administration is betting that the latest round of sanctions aimed at Russia and its economy deter the country’s cyber operations, several U.S. agencies used the sanctions announcement as an opportunity to pull back the curtain on the tactics of Russia’s Foreign Intelligence Service. Source: Bank Info Security

Continue Reading

Ireland’s Privacy Watchdog Launches GDPR Probe of Facebook

Data Protection Commission Sees Likely Violations in Wake of Latest Mega-BreachIreland’s privacy regulator has launched an investigation into Facebook after personal information for 533 million of the social network’s users appeared for sale online. It will analyze whether Facebook violated the country’s data protection law or the EU’s General Data Protection Regulation. Source: Bank Info […]

Continue Reading

Unscripted: 3 Security Leaders Dissect Today's Top Trends

Edna Conway, Wendy Nather and Michelle Dennedy on SASE, CIAM and Supply-Chain RiskNo script, no filter: Just Microsoft’s Edna Conway and Cisco’s Wendy Nather gathering with privacy leader Michelle Dennedy to discuss the impact of the SolarWinds supply-chain attack, and to play Buzzword Mystery Date with SASE, CIAM and “passwordless” authentication – are these trends […]

Continue Reading