Issue #144 - April 7, 2025
- Weekly INK
Updated: Apr 11
“The girl should be calling men.” Leak exposes Black Basta’s influence tactics
Source: Ars Technica
A leak of 190,000 chat messages traded among members of the Black Basta ransomware group shows that it’s a highly structured and mostly efficient organization staffed by personnel with expertise in various specialties, including exploit development, infrastructure optimization, social engineering, and more.
Microsoft Warns Ransomware Actors Exploiting Windows Flaw
Source: Data Breach Today
Ransomware threat actors exploited a zero-day vulnerability in a widely targeted Windows logging system known for managing transactional records, using it to launch attacks against organizations in the U.S. real estate sector, Microsoft said Tuesday.
CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks
Source: The Hacker News
Cybersecurity agencies from Australia, Canada, New Zealand, and the United States have published a joint advisory about the risks associated with a technique called fast flux that has been adopted by threat actors to obscure a command-and-control (C2) channel.
Threat Actors Use 'Spam Bombing' Technique to Hide Malicious Motives
Source: Dark Reading
Darktrace researchers detailed "spam bombing," a technique in which threat actors overload victims' email inboxes with spam to provide cover for more harmful activity, such as social engineering campaigns.
Hackers target SSRF bugs in EC2-hosted sites to steal AWS credentials
Source: Bleeping Computer
A targeted campaign exploited Server-Side Request Forgery (SSRF) vulnerabilities in websites hosted on AWS EC2 instances to extract EC2 metadata from the IMDSv1 endpoint, which could include Identity and Access Management (IAM) credentials.