DGSec 🛡️
dgsec.bsky.social
Security Engineer focused on (#MalwareAnalysis|#DFIR|#CTI).  ☣

Always on a learning curve. Linux enthusiast

twitter.com/DGSecNet
dgsec@infosec.exchange
Reposted by DGSec 🛡️
The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access
https://buff.ly/3PuPNuC
In early February 2022, notably just ahead of the Russian invasion of Ukraine, Volexity made a discovery that led to one of the most fascinating and complex incident investigations Volexity had ever…
buff.ly
January 15, 2025 at 5:04 PM
Reposted by DGSec 🛡️
A new Linux rootkit malware called Pumakit has been discovered that uses stealth and advanced privilege escalation techniques to hide its presence on systems.
New stealthy Pumakit Linux rootkit malware spotted in the wild
www.bleepingcomputer.com
December 12, 2024 at 10:35 PM
Reposted by DGSec 🛡️
@P3rpl3xX25 and I investigated an interesting infection chain where a user downloaded an LNK file first (via the rundll32.exe WebDAV method [1]).

The LNK file will run ssh.exe (C:\Windows\System32\OpenSSH\ssh.exe) with the following parameter:
December 5, 2024 at 12:27 PM
Reposted by DGSec 🛡️
How to debug Windows service processes in the most old-school possible way...

www.hexacorn.com/blog/2024/11...
November 23, 2024 at 10:29 AM
Reposted by DGSec 🛡️
Online tools for determining geolocation by photo:
agent.earthkit.app (GeoClip + Google Lens)
earthkit.app
geospy.ai or usersearch.ai GeoSpy integration
picarta.ai
labs.tib.eu/geoestimation/
#osint #geoint
September 23, 2024 at 12:21 AM
Reposted by DGSec 🛡️
One of the ways to search social media profiles with Google is to use the imagesize operator:
"site:linkedin.com imagesize:100x100"
facebook.com 480x480
instagram.com 150x150
x.com 400x400
tiktok.com 720x720
September 20, 2024 at 12:11 AM
Reposted by DGSec 🛡️
7 free online #OSINT Tools
GHUNT - Google account info
Sherlock - nickname enumeration
Holehe - search accounts by email
Ignorant - search accounts by phone
Whois domain lookup
WhatsApp profile info
HudsonRock - email leaks lookup
osint.rocks
Tip by twitter.com/0xtechrock
September 11, 2024 at 1:31 AM
Reposted by DGSec 🛡️
Incredible research from the @volexity.com crew here -- a must read!
November 22, 2024 at 5:40 PM
Reposted by DGSec 🛡️
My latest blog post for ESET's WeLiveSecurity is now online!

—————

Your info was stolen - what now? 🤔
Check out our latest blog for tips on how to restore control and protect yourself against future attacks. 📲
#ESET #ProgressProtected #Cybersecurity

www.welivesecurity.com/en/cybersecu...
My information was stolen. Now what?
Follow these steps to reduce the odds of having your personal information stolen, or recover more quickly in the event that you have fallen victim to an information stealer attack.
www.welivesecurity.com
November 20, 2024 at 1:31 AM
Reposted by DGSec 🛡️
/etc/init.d/bluesky start > /dev/world 2>&1 & echo "Twitter > /dev/null"
November 20, 2024 at 11:11 AM