#threathorizon — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #threathorizon, aggregated by home.social.

  1. Chinese threat actor UAT-9686 has been compromising Cisco email security systems since late November with a custom backdoor called AquaShell. Organizations should immediately check Cisco Talos advisories for indicators and remediation guidance.

    #SecurityLand #ThreatHorizon #Cisco #UAT9686 #EmailSecurity #APT #China

    Read More: security.land/uat-9686-chinese

  2. Zscaler ThreatLabz documents BlindEagle APT's sophisticated attack on Colombian government infrastructure using steganography, compromised email accounts, and dual malware deployment (Caminho + DCRat). The September 2025 campaign demonstrates evolved tradecraft including Discord CDN abuse and fileless execution chains.

    #SecurityLand #ThreatHorizon #Zscaler #BlindEagle #Colombia #Government #Ecuador #APT #RAT #Malware

    Read More: security.land/blindeagle-colom

  3. New infrastructure analysis from Censys reveals how the pro-Russian hacktivist group NoName057(16) maintains DDoSia operations through rapid server rotation. Monitoring since mid-2025 shows an average of 6 control servers active simultaneously, but with a mean lifespan of only 2.53 days.

    #SecurityLand #ThreatHorizon #Research #Censys #DDoSia #DDoS #DDoSAttack #NoName057 #Ukraine #Russia #Hacktivism

    Read More: security.land/ddosia-infrastru

  4. VoidProxy phishing-as-a-service bypasses MFA & SSO for Microsoft 365/Google accounts. Okta Threat Intelligence reveals sophisticated AitM attacks defeating modern authentication. Enterprise security teams: reassess your defenses NOW.

    #SecurityLand #ThreatHorizon #CyberSecurity #PhishingAttack #EnterpriseSecurity #AitM #Phishing #VoidProxy

    Read More: security.land/voidproxy-emerge

  5. Ideally, security schemes ought to _shrink_ the #AttackSurface.

    But shrunken attack surfaces are not very glossy. Complexity must be introduced in order to sell bolting on yet another business plan, products and services.

    Here a vulnerability and easy low-skill common point of unauthorized entry was purchased at great cost by customers thinking they were becoming safer, even as by so doing they were expanding the perimeter of their #ThreatHorizon.

    theregister.com/2025/01/09/zer