home.social

#pebbledash — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #pebbledash, aggregated by home.social.

  1. Kimsuky APT Expands Arsenal with Advanced PebbleDash Malware Tools

    Kimsuky's malware arsenal just got a major boost with the addition of advanced PebbleDash tools, allowing the group to infiltrate systems with even more sophisticated tactics. Their latest campaign uses clever spear-phishing and malicious attachments to catch victims off guard.

    osintsights.com/kimsuky-apt-ex

    #Apt #Kimsuky #Pebbledash #MalwareOperations #NationState

  2. Die Band Pebbledash aus Cork hat ihrer aktuellen Tour den Namen Of Seaweed and Sandstone gegeben – ein Titel, der nicht nur schön klingt, sondern auch ziemlich gut beschreibt, worum es ihnen gerade geht. Da, wo Meer auf Fels trifft, entsteht Spannung – genau wie in ihren neuen Songs. Hier ist die aktuelle und wunderschöne […] …
    #Pebbledash
    #indiemusic
    nicorola.de/pebbledash-ashas-w

  3. Good day everyone!

    The wonderful researchers at AhnLab, Inc. Security Intelligence Center (ASEC) publishes their findings on recent attacks they observed coming from the #Kimsuky group. The APT group delivered malicious .LNK files through spear-phishing attacks and these files contained the company's they were targeting names, which would suggested this was a targeted attack. As the attack progressed, the #PebbleDash backdoor and a custom version of #RDPWrapper (which is a software that enabled remote desktop on systems that may not support Windows Native RDP).

    Behavior Summary (With MITRE ATT&CK):
    Initial Access:
    Phishing: Spearphishing Attachment (T1566.001) - Kimsuky delivered their malicious .LNK files through email.

    Execution:
    Comand and Scripting Interpreter: Powershell (T1059.001) - When the LNK file is executed, a powershell (or mshta.exe) is executed to download and execute addtional payloads from external sources.

    Defense Evasion:
    System Binary Proxy Execution: Mshta (T1218.005) - When the LNK file is executed it could lead to mshta executed to download and execute addtional payloads from external sources.

    Masquerading: Masquerade File Type (T1036.008) - The .LNK files are disguised as a document file with an Office document icon such as PDF, Excel, or Word.

    Collection/Credential Access:
    Input Capture: Keylogging (T1056.001)
    The APT group used a powershell script to perform keylogging and also installs keyloggers in executable file format.

    You know the drill! Go check out the article for a lot more technical details! Enjoy and Happy Hunting!

    Persistent Threats from the Kimsuky Group Using RDP Wrapper
    asec.ahnlab.com/en/86098/

    Intel 471 Cyborg Security, Now Part of Intel 471 #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday

  4. I want a house with a pebbledash facade. It's just so grim, and super durable. Would be cool to have a house that looks like a transformer station. ¯\_(ツ)_/¯
    #pebbledash

    en.wikipedia.org/wiki/Roughcas

  5. The demise of grandeur. The side door of 1 Framlington Place, Newcastle, UK, once the home of Emerson Bainbridge, founder of the worlds 1st department store in 1849 (allegedly). The front of the property (an end terrace) is fully restored and beautiful.
    #Victorian #Pebbledash #Doorway #House