Welcome to the party, pal!

Dec. 20, 2024, 11:43 a.m.

Description

This end-of-year newsletter discusses cybersecurity trends and personal anecdotes. It emphasizes the importance of multi-factor authentication and password management, highlighting the prevalence of identity-based attacks. The author shares a story about introducing hardware tokens to family members, which was met with limited enthusiasm. The newsletter also mentions Cisco Talos' vulnerability research efforts, recent security headlines, and upcoming events. It concludes with a list of prevalent malware files detected by Talos telemetry.

External References

https://blog.talosintelligence.com/welcome-to-the-party-pal-2/
https://otx.alienvault.com/pulse/6764afb2928e95a5a36d98de
Tags
multi-factor authentication
password management
badbox
2024-12-19
vulnerability research
trojan/win32.coinminer.r174018
hardware tokens
identity-based attacks
win.worm.bitmin-9847045-0
w32.file.malparent
win32.trojan-stealer.petef.fpskk8
malware detection
coinminer:mbt.26mw.in14.talos

Date

  • Created: Dec. 19, 2024, 11:43 p.m.
  • Published: Dec. 19, 2024, 11:43 p.m.
  • Modified: Dec. 20, 2024, 11:43 a.m.

Indicators

  • 873ee789a177e59e7f82d3030896b1efdebe468c2dfa02e41ef94978aadf006f
  • 47ecaab5cd6b26fe18d9759a9392bce81ba379817c53a3a468fe9060a076f8ca
  • a31f222fc283227f5e7988d1ad9c0aecd66d58bb7b4d8518ae23e110308dbf91
  • 7b3ec2365a64d9a9b2452c22e82e6d6ce2bb6dbc06c6720951c9570a5cd46fe5
  • 9f1f11a708d393e0a4109ae189bc64f1f3e312653dcf317a2bd406f18ffcc507
Download all indicators here!

Attack Patterns

  • Trojan/Win32.CoinMiner.R174018
  • Coinminer:MBT.26mw.in14.Talos
  • W32.File.MalParent
  • Win.Worm.Bitmin-9847045-0
  • Win32.Trojan-Stealer.Petef.FPSKK8
  • BadBox
  • T1566.003
  • T1589
  • T1586
  • T1556
  • T1110
  • T1204.001
  • T1566.002
  • T1555
  • T1204.002
  • T1566.001
  • T1219
  • T1204
  • T1566
  • T1078