There are a lot of hacktivist groups and known adversaries engaged in the cyber conflict around the #IsraelPalestineConflict.
@CrowdStrike pulled together a graphic to highlight some of what we're seeing.
adam_cyber
- New research from @CrowdStrike Intel on Scattered Spider Bringing their Own Vulnerable Device Driver to Windows:
- @CrowdStrike has identified exploitation of #log4j vulnerability by threat actors that more closely resembles targeted intrusion consistent with advanced attackers, such as deploying web shells and conducting lateral movement.
- Since everyone is talking about darkside at the moment - check out this @CrowdStrike Intel blog on how they target ESXi and their connection to Carbon Spider: crowdstrike.com/blog/carbon-sp… #darkside #ColonialPipeline #Ransomware
- Awesome work by @CrowdStrike Intel team documenting #ransonware actors targeting of hypervisor crowdstrike.com/blog/carbon-sp…
- crowdstrike.com/blog/log4j2-vu… Excellent work by @CrowdStrike intel team detailing what has been a whirlwind day! #log4j
- SUNSPOT, the malware used to drop SUNBURST, has been identified - excellent analysis by @CrowdStrike Intelligence:
- I am very excited to publicly unveil our new @CrowdStrike Counter Adversary Operations! Consolidating our market-leading Threat Intelligence and game-changing OverWatch Threat Hunting teams into a new entity charged with raising the cost for adversaries!
- We added some additional information to the @CrowdStrike #log4js blog including additional countermeasures and adversary attempts to defeat them.
- @CrowdStrike has identified a malicious Java class file hosted on infra associated with a nation state adversary. The Java code is used to download known instances of adversary specific tooling and is likely to be used in conjunction with the recently disclosed #log4j issue.
- #threatintel in cars with @JohnHultquist - @CrowdStrike and @Mandiant carpooling and keeping that carbon footprint low
- Does Scattered Spider seem to be everywhere? The scope of their intrusions since March 2022 from a @CrowdStrike perspective is pretty broad. They use social engineering, living off the land, and RMM tools before deploying ransomware or conducting extortion.
- Very excited to release the @CrowdStrike 2023 Global Threat Report today - get it here: crwdstr.ke/60123vKer See key insights into adversary behavior in 2022 and how the threat is evolving including data weaponization, cloud targeting, and more!




