https://cluster-site.onrender.com/tags/threatintel/ Recent content in Threatintel on Tenu Tech Brief Hugo -- 0.146.0 en-us Tue, 24 Feb 2026 06:04:13 +0000 https://cluster-site.onrender.com/posts/hackers-target-microsoft-entra-accounts-in-device-code-vishing-attacks/ Thu, 19 Feb 2026 12:30:37 +0000 https://cluster-site.onrender.com/posts/hackers-target-microsoft-entra-accounts-in-device-code-vishing-attacks/ • Hackers target Microsoft Entra accounts via device code vishing, exploiting OAuth 2.0 flow. • Attack uses legitimate OAuth client IDs, bypassing phishing sites and standard login https://cluster-site.onrender.com/posts/a-week-in-security-february-9-%238211-february-15/ Mon, 16 Feb 2026 08:02:00 +0000 https://cluster-site.onrender.com/posts/a-week-in-security-february-9-%238211-february-15/ • Credential‑stealing Chrome extensions discovered; Malwarebytes Labs offers detection and removal guide. • Fake online shops target Winter Olympics 2026 fans, phishing for payment https://cluster-site.onrender.com/posts/breaking-the-sound-barrier-part-ii-exploiting-cve-2024-54529/ Fri, 30 Jan 2026 08:00:00 +0000 https://cluster-site.onrender.com/posts/breaking-the-sound-barrier-part-ii-exploiting-cve-2024-54529/ • CVE-2024-54529: type confusion in CoreAudio’s com.apple.audio.audiohald Mach service, causing crashes. • Exploitation involved manipulating Mach messages to fetch wrong HALS_Obje https://cluster-site.onrender.com/posts/diverse-threat-actors-exploiting-critical-winrar-vulnerability-cve-2025-8088/ Tue, 27 Jan 2026 14:00:00 +0000 https://cluster-site.onrender.com/posts/diverse-threat-actors-exploiting-critical-winrar-vulnerability-cve-2025-8088/ • CVE-2025-8088: critical path traversal flaw in WinRAR allows arbitrary file writes via ADS. • Exploited by state-backed actors from Russia, China and financially motivated groups https://cluster-site.onrender.com/posts/happy-9th-anniversary-cta-a-celebration-of-collaboration-in-cyber-defense/ Sat, 24 Jan 2026 00:00:53 +0000 https://cluster-site.onrender.com/posts/happy-9th-anniversary-cta-a-celebration-of-collaboration-in-cyber-defense/ • CTA founded in 2014, uniting Palo Alto, Fortinet, McAfee, and Symantec for shared threat intelligence. • Shifted industry from proprietary intel to collaborative defense, raising https://cluster-site.onrender.com/posts/i-scan-you-scan-we-all-scan-for...-knowledge/ Thu, 22 Jan 2026 19:00:11 +0000 https://cluster-site.onrender.com/posts/i-scan-you-scan-we-all-scan-for...-knowledge/ • Reconnaissance is often ignored, yet it’s essential for protecting networks. • Know your environment: attackers excel at mapping assets, from Windows 7 machines to smart fridges. https://cluster-site.onrender.com/posts/konni-adopts-ai-to-generate-powershell-backdoors/ Thu, 22 Jan 2026 13:54:08 +0000 https://cluster-site.onrender.com/posts/konni-adopts-ai-to-generate-powershell-backdoors/ • KONNI leverages AI to auto-generate PowerShell backdoor scripts, streamlining malware development. • AI models produce obfuscated code, enhancing stealth against signature-based https://cluster-site.onrender.com/posts/pwn2own-automotive-2026-the-full-schedule/ Tue, 20 Jan 2026 10:25:51 +0000 https://cluster-site.onrender.com/posts/pwn2own-automotive-2026-the-full-schedule/ • Pwn2Own Automotive 2026 returns to Tokyo, featuring record 73 entries. • Competition spans real‑world automotive components, testing IVI and Level‑2 EV chargers. • Random draw se https://cluster-site.onrender.com/posts/impact-of-ai-on-cyber-threat-from-now-to-2027/ Fri, 16 May 2025 20:03:59 +0000 https://cluster-site.onrender.com/posts/impact-of-ai-on-cyber-threat-from-now-to-2027/ • AI is accelerating threat sophistication, enabling attackers to craft more convincing phishing campaigns. • Machine‑learning models are used to generate polymorphic malware that https://cluster-site.onrender.com/posts/russian-gru-targeting-western-logistics-entities-and-technology-companies/ Mon, 12 May 2025 16:49:12 +0000 https://cluster-site.onrender.com/posts/russian-gru-targeting-western-logistics-entities-and-technology-companies/ • Russian GRU’s 85th GTsSS unit 26165 targets Western logistics and tech firms. • Campaign focuses on coordination, transport, delivery of foreign aid to Ukraine. • Uses known TTPs https://cluster-site.onrender.com/posts/fast-flux-a-national-security-threat/ Tue, 01 Apr 2025 19:00:21 +0000 https://cluster-site.onrender.com/posts/fast-flux-a-national-security-threat/ • Fast flux hides malicious server locations by rapidly changing DNS records. • Enables cybercriminals and nation-state actors to evade detection and maintain C2. • Resilient, high https://cluster-site.onrender.com/posts/threat-report-on-application-stores/ Wed, 12 Mar 2025 11:20:59 +0000 https://cluster-site.onrender.com/posts/threat-report-on-application-stores/ • Malware increasingly hides in legitimate app store listings, exploiting user trust for widespread infection. • Supply‑chain attacks target third‑party libraries, enabling attacke https://cluster-site.onrender.com/posts/the-threat-from-commercial-cyber-proliferation/ Wed, 12 Mar 2025 11:20:26 +0000 https://cluster-site.onrender.com/posts/the-threat-from-commercial-cyber-proliferation/ • Commercial software proliferation expands attack surface, increasing vulnerability exposure across enterprises. • Open-source components in commercial stacks introduce hidden bac https://cluster-site.onrender.com/posts/the-near-term-impact-of-ai-on-the-cyber-threat/ Wed, 12 Mar 2025 11:20:01 +0000 https://cluster-site.onrender.com/posts/the-near-term-impact-of-ai-on-the-cyber-threat/ • AI accelerates threat detection, enabling faster identification of malicious activity. • Adversarial AI allows attackers to craft evasive malware that bypasses traditional defens https://cluster-site.onrender.com/posts/the-cyber-threat-to-universities/ Wed, 12 Mar 2025 11:19:33 +0000 https://cluster-site.onrender.com/posts/the-cyber-threat-to-universities/ • Universities face rising ransomware attacks targeting research data and student records. • Phishing campaigns exploit faculty credentials to gain network access. • Supply‑chain v https://cluster-site.onrender.com/posts/the-cyber-threat-to-uk-business/ Wed, 12 Mar 2025 11:19:11 +0000 https://cluster-site.onrender.com/posts/the-cyber-threat-to-uk-business/ • Ransomware remains the top threat, targeting critical UK business data. • Phishing campaigns exploit remote working, increasing credential theft. • Supply‑chain attacks grow, com https://cluster-site.onrender.com/posts/the-cyber-threat-to-sports-organisations/ Wed, 12 Mar 2025 11:18:10 +0000 https://cluster-site.onrender.com/posts/the-cyber-threat-to-sports-organisations/ • Sports organisations increasingly targeted by ransomware, phishing, and credential‑stealing attacks. • High‑profile events like the Olympics and World Cup attract sophisticated t https://cluster-site.onrender.com/posts/summary-of-the-ncsc-analysis-of-may-2020-us-sanction/ Wed, 12 Mar 2025 11:17:43 +0000 https://cluster-site.onrender.com/posts/summary-of-the-ncsc-analysis-of-may-2020-us-sanction/ • US sanctions in May 2020 targeted Russian cyber actors and infrastructure. • NCSC identified increased threat actor activity following sanction announcements. • Sanctions disrupt https://cluster-site.onrender.com/posts/technical-report-responsible-use-of-the-border-gateway-protocol-bgp-for-isp-interworking/ Wed, 12 Mar 2025 11:12:10 +0000 https://cluster-site.onrender.com/posts/technical-report-responsible-use-of-the-border-gateway-protocol-bgp-for-isp-interworking/ • BGP is critical for inter-ISP routing, requiring strict policy enforcement to prevent leaks and hijacks. • Implement prefix filtering and route origin validation to ensure only l https://cluster-site.onrender.com/posts/incident-trends-report-october-2018-april-2019/ Wed, 12 Mar 2025 11:10:04 +0000 https://cluster-site.onrender.com/posts/incident-trends-report-october-2018-april-2019/ • Over 1,200 cyber incidents reported across 30 countries, highlighting rising ransomware activity. • Ransomware attacks surged 35%, with CryptoLocker variants targeting healthcare