Microsoft’s GitHub: A Growing Platform for Delivering Malicious Payloads – January 12th

A Recorded Future report discloses that Microsoft-owned GitHub is a growing and lucrative platform for threat actors to effectively deliver malicious payloads by blending the payloads with legitimate traffic.

The open-source data repository platform’s legitimacy is now being leveraged cleverly by threat actors who are “living-off-trusted-sites”. However, the limitations in the site’s file size and storage stopped large-scale payloads used for data exfiltration from being delivered.

North Korea Continues Crypto Theft Campaign – December 4th

A joint advisory by the Federal Bureau of Investigation (FBI), the Environmental Protection Agency, and the Cybersecurity Infrastructure and Security Agency (CISA) announced the Iranian-based threat actor group “Cyber Av3ngers” compromised over 200 internet-connected devices in the US.

Suspected to be anti-Israeli by motive, the “Cyber Av3ngers” group was behind the Pennsylvania Water Authority hacks, disrupting an industrial control device that was made in Israel.

Chinese cyber-espionage campaign exposed

The China-backed hacking group referred to as RedHotel has been linked to attacks in 17 countries during a three-year espionage campaign. According to cybersecurity firm Recorded Future, RedHotel has been infiltrating sectors such as academia, aerospace, government, media, telecoms, and research while operating across the US, Europe, and Asia.

Blog Post

Microsoft’s GitHub: A Growing Platform for Delivering Malicious Payloads – January 12th

North Korea Continues Crypto Theft Campaign – December 4th

Chinese cyber-espionage campaign exposed