Collaborate Disseminate
While the evolution of LLMs mark a new era of AI, we must be mindful that new technologies come with new risks. Explore one such risk called “audio-jacking.”
The post Audio-jacking: Using generative AI to distort live audio transactions appeared first on Security Intelligence.
Continue reading Audio-jacking: Using generative AI to distort live audio transactions
Being part of the Adversary Services team at IBM, it is important to keep your skills up to date and learn new things constantly. macOS security was one field where I decided to put more effort this year to further improve my exploitation and operation skills in macOS environments. During my research, I decided to […]
The post Exploiting GOG Galaxy XPC service for privilege escalation in macOS appeared first on Security Intelligence.
Continue reading Exploiting GOG Galaxy XPC service for privilege escalation in macOS
With the increased regulation surrounding cyberattacks, more and more executives are seeing these attacks for what they are – serious threats to business operations, profitability and business survivability. But what about the Board of Directors? Are they getting all the information they need? Are they aware of your organization’s cybersecurity initiatives? Do they understand why […]
The post Empowering cybersecurity leadership: Strategies for effective Board engagement appeared first on Security Intelligence.
Continue reading Empowering cybersecurity leadership: Strategies for effective Board engagement
Recent analysis of Hive0051 has identified three key changes to capabilities: an improved multi-channel approach to DNS fluxing, obfuscated multi-stage scripts, and the use of fileless PowerShell variants of the Gamma malware.
The post Hive0051’s large scale malicious operations enabled by synchronized multi-channel DNS fluxing appeared first on Security Intelligence.
Attackers seem to innovate nearly as fast as technology develops. Day by day, both technology and threats surge forward. Now, as we enter the AI era, machines not only mimic human behavior but also permeate nearly every facet of our lives. Yet, despite the mounting anxiety about AI’s implications, the full extent of its potential […]
The post AI vs. human deceit: Unravelling the new age of phishing tactics appeared first on Security Intelligence.
Continue reading AI vs. human deceit: Unravelling the new age of phishing tactics
Last month Microsoft patched a vulnerability in the Microsoft Kernel Streaming Server, a Windows kernel component used in the virtualization and sharing of camera devices. The vulnerability, CVE-2023-36802, allows a local attacker to escalate privileges to SYSTEM. This blog post details my process of exploring a new attack surface in the Windows kernel, finding a […]
The post Critically Close to Zero(Day): Exploiting Microsoft Kernel Streaming Service appeared first on Security Intelligence.
Continue reading Critically Close to Zero(Day): Exploiting Microsoft Kernel Streaming Service
In a blog published this March, we explored reflective loading through the lens of an offensive security tool developer, highlighting detection and evasion opportunities along the way. This time we are diving into call stack detections and evasions, and how BokuLoader reflectively loads call stack spoofing capabilities into beacon. We created this blog and public […]
The post Reflective call stack detections and evasions appeared first on Security Intelligence.
Continue reading Reflective call stack detections and evasions
This post was made possible through the contributions of Bastien Lardy and Ruben Castillo. In September of 2023, X-Force uncovered a campaign where attackers were exploiting the vulnerability identified in CVE-2023-3519 to attack unpatched NetScaler Gateways to insert a malicious script into the HTML content of the authentication web page to capture user credentials. The […]
The post X-Force uncovers global NetScaler Gateway credential harvesting campaign appeared first on Security Intelligence.
Continue reading X-Force uncovers global NetScaler Gateway credential harvesting campaign
Overprivileged plaintext credentials left on display in 33% of X-Force adversary simulations Adversaries are constantly seeking to improve their productivity margins, but new data from IBM X-Force suggests they aren’t exclusively leaning on sophistication to do so. Simple yet reliable tactics that offer ease of use and often direct access to privileged environments are still […]
The post “Authorized” to break in: Adversaries use valid credentials to compromise cloud environments appeared first on Security Intelligence.
IBM X-Force has identified new capabilities in DBatLoader malware samples delivered in recent email campaigns, signaling a heightened risk of infection from commodity malware families associated with DBatLoader activity. Explore the analysis.
The post Email campaigns leverage updated DBatLoader to deliver RATs, stealers appeared first on Security Intelligence.
Continue reading Email campaigns leverage updated DBatLoader to deliver RATs, stealers