piggo
pigondrugs.bsky.social
I shear alpacas and try to defend the internet from malware
~Trendmicro~
Trend Micro announces its new Agentic SIEM, integrating XDR and AI to enhance SOC operations and threat hunting.
-
IOCs: (None identified)
-
#AI #SIEM #ThreatIntel #XDR
Trend Micro Introduces Agentic SIEM
www.trendmicro.com
~Zscaler~
Zscaler's DSPM now integrates with Snowflake, offering AI-powered data discovery, risk management, and compliance for the data platform.
-
IOCs: (None identified)
-
#DataSecurity #Snowflake #ThreatIntel #Zscaler
Zscaler DSPM Extends Support to Snowflake
www.zscaler.com
~Zscaler~
Zscaler announced its new Adaptive Access Engine for real-time, dynamic access control based on continuous risk evaluation.
-
IOCs: (None identified)
-
#ThreatIntel #ZeroTrust #Zscaler
Zscaler Introduces Adaptive Access Engine
www.zscaler.com
~Cisa~
CISA added CVE-2025-61932 to its KEV catalog due to active exploitation of a Motex LANSCOPE vulnerability.
-
IOCs: CVE-2025-61932
-
#CISA #CVE202561932 #ThreatIntel
CISA Adds CVE-2025-61932 to KEV Catalog
www.cisa.gov
~Socket~
Malicious NuGet packages typosquat the Nethereum library using homoglyphs to exfiltrate crypto wallet keys via a hardcoded C2.
-
IOCs: solananetworkinstance. info
-
#Malware #NuGet #ThreatIntel #Typosquatting
Malicious NuGet Packages Steal Crypto Keys
socket.dev
~Elastic~
Elastic Security Labs details using survival analysis for more accurate vulnerability time-to-patch metrics over traditional MTTR.
-
IOCs: (None identified)
-
#Metrics #ThreatIntel #VulnMgmt
Time-to-Patch Metrics via Survival Analysis
www.elastic.co
~Trendmicro~
China-aligned APTs Earth Estries and Earth Naga are collaborating, with one acting as an access broker to deploy the other's backdoors.
-
...
China-aligned APTs Collaborate in Espionage Campaigns
www.trendmicro.com
~Sentinelone~
AI is transforming CTI, requiring new research standards to maintain trust and transparency in analytical workflows.
-
IOCs: (None identified)
-
#AI #CTI #ThreatIntel
Analytical Tradecraft in the AI Age
www.sentinelone.com
~Paloalto~
Morocco-based actors (Atlas Lion) use phishing to compromise M365 accounts for long-term persistence and gift card fraud.
-
IOCs: 105. 156. 109. 227, 105. 156. 234. 139, 105. 157. 86. 136
-
#AtlasLion #CloudSecurity #Phishing #ThreatIntel
Jingle Thief Gift Card Fraud Campaign
unit42.paloaltonetworks.com
~Socket~
Socket Basics unifies foundational security scanners like SAST, secrets, container, and CVE scanning into a single platform.
-
IOCs: (None identified)
-
#DevSecOps #SCA #ThreatIntel
Socket Basics Unifies Security Stack
socket.dev
~Cofense~
Threat actors are exploiting the recent AWS outage with phishing campaigns that prey on user confusion and urgency.
-
IOCs: (None identified)
-
#AWS #Phishing #ThreatIntel
AWS Outage Phishing Risk
cofense.com
~Cisa~
CISA released 10 advisories for vulnerabilities in Rockwell, Siemens, and Schneider Electric ICS products.
-
IOCs: (None identified)
-
#ICS #ThreatIntel #Vulnerability
CISA Releases 10 ICS Advisories
www.cisa.gov
~Varonis~
Attackers could bypass Azure safeguards using hidden Unicode characters to create malicious apps impersonating trusted Microsoft services.
-
IOCs: (None identified)
-
#Azure #Microsoft #Phishing #ThreatIntel
Azure App Impersonation via Unicode Bypass
www.varonis.com
~Socket~
Socket has launched experimental malware scanning for Hugging Face AI models to detect supply chain threats like deserialization and runtime attacks.
-
IOCs: (None identified)
-
#AI #HuggingFace #SupplyChain #ThreatIntel
Experimental Malware Scanning for Hugging Face
socket.dev
~Elastic~
Threat actors exploit misconfigured IIS servers using public machine keys to deploy the TOLLBOOTH backdoor for SEO cloaking and persistence.
-
IOCs: c. cseo99. com, f. fseo99. com, api. aseo99. com
-
#IIS #TOLLBOOTH #ThreatIntel
TOLLBOOTH IIS Backdoor Campaign
www.elastic.co
~Trendmicro~
Vidar Stealer 2.0 is a rewritten infostealer with multithreading and advanced evasion, targeting a wide range of credentials and data.
-
IOCs: (None identified)
-
#Infostealer #ThreatIntel #Vidar
Vidar Stealer 2.0: Upgraded Infostealer Capabilities
www.trendmicro.com
~Sekoia~
The undocumented 'UserAuthenticationMethod' field in M365 audit logs is a bitfield that can be decoded to identify specific primary authentication methods.
-
IOCs: (None identified)
-
#DFIR #M365 #ThreatIntel
Decoding Microsoft 365's UserAuthenticationMethod Field
blog.sekoia.io
~Mandiant~
Pro-Russia IO campaigns (Portal Kombat, Doppelganger) are exploiting a Russian drone incursion to spread disinformation targeting Poland and NATO.
-
IOCs: (None identified)
-
#Disinformation #Poland #Russia #ThreatIntel
Pro-Russia IO Exploits Drone Incursion
cloud.google.com
~Anyrun~
New 'Tykit' phishing kit uses SVG files and multi-stage redirects to steal Microsoft 365 corporate credentials.
-
IOCs: segy. zip, segy. xyz, segy2. cc
-
#Phishing #ThreatIntel #Tykit
New Tykit Phishing Kit Steals M365 Accounts
any.run
~Socket~
A cluster of 131 cloned Chrome extensions is being used as spamware to automate bulk messaging on WhatsApp.
-
IOCs: zapvende. com, lobovendedor. com. br, youseller. com. br
-
#ChromeExtension #Spamware #ThreatIntel #WhatsApp
131 Spamware Chrome Extensions Target WhatsApp
socket.dev
~Microsoft~
Microsoft's 2025 Digital Defense Report finds over half of all cyberattacks are now driven by extortion and ransomware for financial gain.
-
IOCs: (None identified)
-
#Cybercrime #Ransomware #ThreatIntel
Microsoft Report: Extortion & Ransomware Drive Attacks
blogs.microsoft.com
~Microsoft~
Microsoft has been recognized as a Leader in the 2025 Gartner® Magic Quadrant™ for its SIEM solution, Microsoft Sentinel.
-
IOCs: (None identified)
-
#Gartner #Microsoft #SIEM #ThreatIntel
Microsoft Named a 2025 Gartner SIEM Leader
www.microsoft.com
~Microsoft~
Threat actors are actively targeting Azure Blob Storage using a full attack chain from reconnaissance and initial access to data exfiltration and impact.
-
IOCs: (None identified)
-
#Azure #CloudSecurity #ThreatIntel
Threats Targeting Azure Blob Storage
www.microsoft.com
~Mandiant~
Russian state actor COLDRIVER deploys new NOROBOT & MAYBEROBOT malware after its LOSTKEYS tool was publicly disclosed.
-
IOCs: 85. 239. 52. 32, system-healthadv. com, southprovesolutions. com
-
#COLDRIVER #Malware #ThreatIntel
COLDRIVER's New Malware
cloud.google.com
~Cisa~
CISA adds five actively exploited vulnerabilities affecting Apple, Microsoft, Oracle, and Kentico products to its KEV catalog.
-
IOCs: CVE-2025-33073, CVE-2025-61884, CVE-2022-48503
-
#CISA #PatchNow #ThreatIntel #Vulnerability
CISA Adds 5 Vulns to KEV Catalog
www.cisa.gov