What’s happening in the world of crimeware: Emotet, DarkGate and LokiBot - Researchers have discovered new Emotet samples, a new loader called DarkGate, and a new LokiBot infostealer campaign.
Salesforce Phishing - PhishForce - Vulnerability Uncovered in Salesforce’s Email Services Exploited for Phishing Facebook Accounts
Fake FlipperZero sites promise free devices after completing offer - A website impersonating Flipper Devices has been discovered, offering free Flipper Zero devices in exchange for completing an offer. However, the site leads to shady browser extensions, scam sites, and collects personal information for malicious purposes.
Shared by Masterschool
Threat intelligence is information about the tactics, techniques, and procedures (TTPs) of threat actors. It is really important because it provides enough information to let companies, businesses, governments, etc, be prepared to defend themselves. Threat Intelligence is a continuing and dynamic process, as cyber threats constantly evolve and adapt. In order for this information to be shared, it must go through a process.
The first step is to collect as much as possible, raw data from all the security logs, networks, public and private sources, internet, social media, dark web, open sources information sharing, etc, and then process it all. After that, we have the analysis and identification, and the results are used in reports and made public and shared. Important to say that threats must be monitored and if necessary, the information is updated.
Some examples of sources of threat intelligence are:
Comentarios