Cyber Threat Intelligence Center (CTIC) LLC

The Black Basta ransomware group is reportedly leveraging Microsoft Teams in its attacks, using chat messages and QR codes to deceive users into granting access. These tactics involve impersonation of support staff through external accounts, directing users to malicious infrastructure, and laterally moving within networks using tools like Cobalt Strike. Recommended defenses include blocking malicious domains, restricting external Teams communications, and enhancing phishing awareness.

Parrot Security have announced the release and general availability of Parrot OS 6.2 as the latest version of this Debian-based distribution for ethical hacking and penetration testing. ParrotOS, Parrot is a FREE and Open source GNU/Linux distribution based on Debian Stable designed for security experts, developers and privacy aware people. This release is powered by Linux kernel 6.10 and ships with updated tools, including Airgeddon 11.30, Anonsurf 5.0.0, and Maltego 4.7.0. You can download ParrotOS by clicking here. Parrot Security strongly advise against using third-party download sources and recommend to stick to the official download links to ensure your security.

A newly disclosed vulnerability in SharePoint (CVE-2024-38904) highlights a significant security risk stemming from the deserialization of untrusted data (CWE-502). Exploiting this flaw can allow attackers to execute arbitrary code on affected systems, putting organizations relying on SharePoint for collaboration and data management at serious risk. CISA has added this vulnerability to its Known Exploited Vulnerabilities catalog, emphasizing its potential threat, especially to the federal enterprise. Under Binding Operational Directive (BOD) 22-01, federal agencies must address vulnerabilities like this by specified deadlines to protect their networks from active threats. While BOD 22-01 targets Federal Civilian Executive Branch agencies, CISA strongly encourages all organizations to prioritize the remediation of cataloged vulnerabilities.

I’m thrilled to be presenting at the Wisconsin Governor’s Cybersecurity Summit this year! If you're passionate about protecting our digital infrastructure and learning the latest in cybersecurity strategies, join us! Presentation: "Strategic Defense in the Digital Age: Applying Sun Tzu's Art of War to Cybersecurity Leadership"! Presentation Highlights: Seven Core Principles of Sun Tzu (Applying ancient wisdom to modern cybersecurity strategies), Ten Common Exploits Used by Hackers (Staying ahead of the most prevalent threats), Ten Strategies for Leadership in Cybersecurity (Proven techniques to lead in the face of digital warfare). https://lnkd.in/g8C6yepf Marc Gabrysiak Chris Kreul

Whether you’re running a small business or managing a large enterprise, #cyberthreats are real, and no organization is immune. Cybersecurity Awareness Month is upon us, and it's a great time to evaluate your defenses and strengthen your cybersecurity posture. #cybersecurityawarenessmonth #cybersecurity #cybersecuritytrends #cybersecuritybestpractices #threatmanagement #threatmitigation #vulnerabilitymanagement #malware #ransomware #businessemailcompromise

1. General Cybersecurity - What does CIA stand for in cybersecurity?   - A) Confidentiality, Integrity, Availability   - B) Control, Information, Authentication   - C) Cyber, Internet, Assets   - D) Content, Information, Availability

"...compromise user accounts and obtain access to organizations to modify MFA registrations, enabling persistent access." National Security Agency #criticalinfrastructure 

After a disaster, scammers and other criminals may attempt to exploit survivors. Secure Our World and FEMA urge you to take caution. Learn more at: https://lnkd.in/ezuBzgaU and https://lnkd.in/e2QKH_G3

A recent cyber attack has hit Iranian nuclear facilities, demonstrating the growing sophistication and scale of modern cyber threats. As we continue to build robust defenses and strategies, it’s crucial to stay vigilant and proactive.

The FBI, NSA, CNMF, and UK's NCSC have issued a cybersecurity advisory detailing Russian SVR cyber operations, targeting defense, technology, and finance sectors globally. Known for exploiting vulnerabilities and using techniques like spearphishing and password spraying, the SVR has focused on gaining access and escalating privileges, often through supply chain abuse and custom malware. Organizations are urged to prioritize rapid patching, implement multi-factor authentication, and perform continuous threat monitoring to defend against these sophisticated cyber threats.