China-Aligned Hackers Go Modular with PeckBirdy
China-linked threat groups are using the PeckBirdy framework to abuse built-in system tools and deploy modular backdoors across Asian targets.
Source: Trend Micro
Read more: CyberSecBrief

seen from United States

seen from Malaysia

seen from Singapore
seen from United Kingdom
seen from Malaysia
seen from Belarus

seen from United States
seen from Singapore
seen from Russia
seen from United States
seen from United States

seen from United States
seen from United States

seen from Malaysia
seen from United States
seen from United States

seen from Türkiye
seen from Türkiye

seen from Singapore

seen from Poland
China-Aligned Hackers Go Modular with PeckBirdy
China-linked threat groups are using the PeckBirdy framework to abuse built-in system tools and deploy modular backdoors across Asian targets.
Source: Trend Micro
Read more: CyberSecBrief

Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.
Free to watch • No registration required • HD streaming
SILENTCONNECT Uses Fake Invites to Deploy ScreenConnect
The SILENTCONNECT loader exploits phishing emails and LOLBins to install ScreenConnect, bypassing security controls and running C# code from Google Drive in memory via PowerShell.
Source: Elastic Security Labs
Read more: CyberSecBrief
'Clickfix Attack' Exploits finger.exe Utility for Stealthy Remote Code Execution (RCE)
Read the full report on -
CyberDudeBivash News delivers daily cybersecurity threat intel, CVE alerts, malware trends, and crypto security briefings.
A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
Attackers' trends tend to come and go. But one popular technique we're seeing at this time is the use of living-off-the-land binaries — or "LoLBins". LoLBins are used by different actors combined with fileless malware and legitimate cloud services to improve chances of staying undetected within an organisation, usually during post-exploitation attack phases. Living-off-the-land tactics mean that attackers are using pre-installed tools to carry out their work. This makes it more difficult for defenders to detect attacks and researchers to identify the attackers behind the campaign. In the attacks we're seeing, there are binaries supplied by the victim's operating system that are normally used for legitimate purposes, but in these cases, are being abused by the attackers. In this post, we will take a look at the use of LOLBins through the lense of Cisco's product telemetry. We'll also walk through the most frequently abused Windows system binaries and measure their usage by analyzing data from Cisco AMP for Endpoints. You'll also find an overview of a few recent campaigns we've seen using LoLBins, along with recommendations for how to detect malicious LoLBins' activities.

Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.
Free to watch • No registration required • HD streaming