{"version":"https://jsonfeed.org/version/1","title":"Fulco’s Notes","home_page_url":"https://fulco.net","description":"Fulco’s Notes","author":{"name":"Fulco’s Notes"},"items":[{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/brickstorm-hunting-the-silent-backdoor","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-dark-cyberpunk-style-digital-illustrat_ZP4Gk.png\"/><p>Executive Summary</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/brickstorm-hunting-the-silent-backdoor","title":"BRICKSTORM: Hunting the Silent Backdoor","summary":"Executive Summary","date_modified":"2025-12-04T16:33:30Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-pearson-cyberattack","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-dramatic-photograph-depicting-a-fragme_OtSk3.png\"/><p>On May 9, 2025, Pearson, a global leader in educational publishing and services, confirmed a significant cyberattack that compromised sensitive customer data. The breach, which began in January 2025, was attributed to th...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-pearson-cyberattack","title":"Intelligence Briefing: Pearson Cyberattack","summary":"On May 9, 2025, Pearson, a global leader in educational publishing and services, confirmed a significant cyberattack that compromised sensitive customer data. 
The breach, which began in January 2025, was attributed to th...","date_modified":"2025-05-14T13:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-new-finance-scam-exploiting-xtwitter-ads","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-stark-conceptual-product-advertisement_Dk-ab.png\"/><p>Overview</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-new-finance-scam-exploiting-xtwitter-ads","title":"Intelligence Briefing: New Finance Scam Exploiting X/Twitter Ads","summary":"Overview","date_modified":"2025-05-12T22:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-noodlophile-stealer-malware-campaign","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-digital-illustration-depicting-a-shado_UUi6z.png\"/><p>Overview</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-noodlophile-stealer-malware-campaign","title":"Intelligence Briefing: Noodlophile Stealer Malware Campaign","summary":"Overview","date_modified":"2025-05-12T21:34:35Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/lawsuit-against-anthropic-ai-by-authors","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-photo-of-a-news-stand-with-a-headline-that-r.png\"/><p>A group of authors, including Andrea Bartz, Charles Graeber, and Kirk Wallace Johnson, has filed a class-action lawsuit against AI company Anthropic, alleging copyright infringement. The lawsuit, filed in a California fe...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/lawsuit-against-anthropic-ai-by-authors","title":"Lawsuit Against Anthropic AI by Authors","summary":"A group of authors, including Andrea Bartz, Charles Graeber, and Kirk Wallace Johnson, has filed a class-action lawsuit against AI company Anthropic, alleging copyright infringement. 
The lawsuit, filed in a California fe...","date_modified":"2024-08-23T12:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/briefing-fake-google-authenticator-site-spreads-malware","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-digital-illustration-of-a-latrodectus-spider.png\"/><p>Overview: This briefing examines a sophisticated phishing campaign uncovered by Cyble, which uses a fake Google Authenticator site to distribute the Latrodectus and ACR Stealer malware. The briefing provides insights int...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/briefing-fake-google-authenticator-site-spreads-malware","title":"Briefing: Fake Google Authenticator Site Spreads Malware","summary":"Overview: This briefing examines a sophisticated phishing campaign uncovered by Cyble, which uses a fake Google Authenticator site to distribute the Latrodectus and ACR Stealer malware. The briefing provides insights int...","date_modified":"2024-08-22T16:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-ongoing-campaign-refreshes-payloads","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/an-intelligence-briefing-about-an-ongoing-soci.png\"/><p>Overview: This intelligence briefing focuses on a recent social engineering campaign identified by Rapid7, where attackers are leveraging fresh payloads to infiltrate and compromise systems. The report aims to provide in...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-ongoing-campaign-refreshes-payloads","title":"Intelligence Briefing: Ongoing Campaign Refreshes Payloads","summary":"Overview: This intelligence briefing focuses on a recent social engineering campaign identified by Rapid7, where attackers are leveraging fresh payloads to infiltrate and compromise systems. 
The report aims to provide in...","date_modified":"2024-08-22T12:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/brief-donut-shellcode-delivery-attack","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-3d-render-of-a-donut-with-the-text-shellcode.png\"/><p>The recent diary from the SANS Internet Storm Center highlights a novel attack technique where malicious actors deliver Donut shellcode through a combination of PowerShell and Python scripts. </p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/brief-donut-shellcode-delivery-attack","title":"Brief: Donut Shellcode Delivery Attack","summary":"The recent diary from the SANS Internet Storm Center highlights a novel attack technique where malicious actors deliver Donut shellcode through a combination of PowerShell and Python scripts. ","date_modified":"2024-08-21T17:33:48Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-crystalray","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-futuristic-and-menacing-conceptual-art-piece.png\"/><p>Introduction</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-crystalray","title":"Intelligence Briefing: CRYSTALRAY","summary":"Introduction","date_modified":"2024-07-15T14:09:38Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/cisa-csat-tool-breached","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-striking-illustration-depicting-a-cybersecur.png\"/><p>The Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that its Chemical Security Assessment Tool (CSAT) was breached in January 2024. 
The breach involved the exploitation of vulnerabilities in an Ivan...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/cisa-csat-tool-breached","title":"CISA CSAT Tool Breached","summary":"The Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that its Chemical Security Assessment Tool (CSAT) was breached in January 2024. The breach involved the exploitation of vulnerabilities in an Ivan...","date_modified":"2024-06-26T13:43:39Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-linux-malware-controlled-through-discord","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-conceptual-art-poster-that-combines-elements.png\"/><p>A novel and sophisticated Linux malware has been discovered that utilizes Discord emojis for command and control (C2) communications. This unique method allows threat actors to issue commands to infected systems covertly...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-linux-malware-controlled-through-discord","title":"Intelligence Briefing: Linux Malware Controlled Through Discord","summary":"A novel and sophisticated Linux malware has been discovered that utilizes Discord emojis for command and control (C2) communications. This unique method allows threat actors to issue commands to infected systems covertly...","date_modified":"2024-06-19T12:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-macos-stealer-via-cracked-cleanmymac","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-conceptual-art-piece-depicting-a-cyberpunk-w.png\"/><p>The recent reports from Moonlock Labs have identified a new macOS stealer disguised as a cracked version of CleanMyMac. 
This malware, known as Atomic Stealer (AMOS), has been observed spreading via pirated software sites...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-macos-stealer-via-cracked-cleanmymac","title":"Intelligence Briefing: macOS stealer via Cracked CleanMyMac","summary":"The recent reports from Moonlock Labs have identified a new macOS stealer disguised as a cracked version of CleanMyMac. This malware, known as Atomic Stealer (AMOS), has been observed spreading via pirated software sites...","date_modified":"2024-06-18T18:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-sleepy-pickle","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-menacing-and-conceptual-poster-illustrating-.png\"/><p>The \"Sleepy Pickle\" attack represents a sophisticated and emerging threat in the cybersecurity landscape, targeting machine learning (ML) models through the malicious use of Python's pickle serialization format. This att...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-sleepy-pickle","title":"Intelligence Briefing: Sleepy Pickle","summary":"The \"Sleepy Pickle\" attack represents a sophisticated and emerging threat in the cybersecurity landscape, targeting machine learning (ML) models through the malicious use of Python's pickle serialization format. 
This att...","date_modified":"2024-06-18T12:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/ransomware-attacks-on-healthcare","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-dramatic-and-intense-cinematic-scene-set-in-.png\"/><p>A Deadly Threat to Our Well-Being</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/ransomware-attacks-on-healthcare","title":"Ransomware Attacks on Healthcare","summary":"A Deadly Threat to Our Well-Being","date_modified":"2024-06-17T20:49:49Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-warmcookie","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-conceptual-art-poster-portraying-the-warmcoo.png\"/><p>The WARMCOOKIE backdoor, newly discovered by Elastic Security Labs, has been actively used in phishing campaigns since late April 2024. This malware primarily targets individuals through recruiting-themed phishing emails...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-warmcookie","title":"Intelligence Briefing: Warmcookie","summary":"The WARMCOOKIE backdoor, newly discovered by Elastic Security Labs, has been actively used in phishing campaigns since late April 2024. This malware primarily targets individuals through recruiting-themed phishing emails...","date_modified":"2024-06-17T18:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-arid-viper-apt-group-and-aridspy-campaigns","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/an-intricate-conceptual-art-piece-depicting-a-.png\"/><p>Arid Viper, also known as APT-C-23, Desert Falcons, or Two-tailed Scorpion, is a notorious advanced persistent threat (APT) group primarily targeting Middle Eastern countries. 
This cyberespionage group has been active si...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-arid-viper-apt-group-and-aridspy-campaigns","title":"Intelligence Briefing: Arid Viper APT Group and AridSpy Campaigns","summary":"Arid Viper, also known as APT-C-23, Desert Falcons, or Two-tailed Scorpion, is a notorious advanced persistent threat (APT) group primarily targeting Middle Eastern countries. This cyberespionage group has been active si...","date_modified":"2024-06-17T14:32:29Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-intellij-idea-leaking-github-access-tokens","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/IMG_0242.png\"/><p>JetBrains, the developer of the popular IntelliJ IDEA Integrated Development Environment (IDE), has disclosed a critical security vulnerability affecting the storage of GitHub access tokens. This vulnerability can potent...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-intellij-idea-leaking-github-access-tokens","title":"Intelligence Briefing: IntelliJ IDEA Leaking GitHub Access Tokens","summary":"JetBrains, the developer of the popular IntelliJ IDEA Integrated Development Environment (IDE), has disclosed a critical security vulnerability affecting the storage of GitHub access tokens. 
This vulnerability can potent...","date_modified":"2024-06-13T15:57:35Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-commando-cat-cryptojacking","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-stunning-3d-render-of-a-futuristic-cat-comma.png\"/><p>Overview</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-commando-cat-cryptojacking","title":"Intelligence Briefing: Commando Cat Cryptojacking","summary":"Overview","date_modified":"2024-06-08T18:52:03Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/high-profile-tiktok-accounts-hijacked-in-zero-click","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-futuristic-conceptual-art-piece-showing-a-3d.png\"/><p>On June 5, 2024, a significant security incident was reported involving the compromise of several high-profile TikTok accounts. The attack was executed using a zero-click exploit delivered via direct messages (DMs), enab...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/high-profile-tiktok-accounts-hijacked-in-zero-click","title":"High-Profile TikTok Accounts Hijacked in Zero-Click","summary":"On June 5, 2024, a significant security incident was reported involving the compromise of several high-profile TikTok accounts. The attack was executed using a zero-click exploit delivered via direct messages (DMs), enab...","date_modified":"2024-06-05T19:38:56Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-rogue-vpn-provider-busted","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/DALL%C2%B7E%202024-06-01%2018.14.31%20-%20A%20digital%20illust.webp\"/><p>The recent arrest of a rogue VPN provider involved in cybercrime is a critical event that underscores the vulnerabilities associated with virtual private networks (VPNs) when misused or operated by malicious entities. 
Th...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-rogue-vpn-provider-busted","title":"Intelligence Briefing: Rogue VPN Provider Busted","summary":"The recent arrest of a rogue VPN provider involved in cybercrime is a critical event that underscores the vulnerabilities associated with virtual private networks (VPNs) when misused or operated by malicious entities. Th...","date_modified":"2024-06-04T12:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/openai-revives-robotics-research-group-after-four-year-hiatus","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-futuristic-scene-where-an-openai-computer-sy.png\"/><p>OpenAI's revival of its robotics research group is a notable shift in its strategy, marking a renewed focus on integrating advanced AI with robotic systems. This move comes after the company disbanded its robotics team i...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/openai-revives-robotics-research-group-after-four-year-hiatus","title":"OpenAI Revives Robotics Research Group After Four-Year Hiatus","summary":"OpenAI's revival of its robotics research group is a notable shift in its strategy, marking a renewed focus on integrating advanced AI with robotic systems. This move comes after the company disbanded its robotics team i...","date_modified":"2024-06-03T19:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-bluedelta-targets-key-networks","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/DALL%C2%B7E%202024-06-01%2018.49.09%20-%20Create%20an%20image%20.webp\"/><p>BlueDelta, a sophisticated advanced persistent threat (APT) group, has been actively targeting key networks across Europe and beyond, leveraging sophisticated multi-phase espionage campaigns. 
These operations are primari...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-bluedelta-targets-key-networks","title":"Intelligence Briefing: BlueDelta Targets Key Networks","summary":"BlueDelta, a sophisticated advanced persistent threat (APT) group, has been actively targeting key networks across Europe and beyond, leveraging sophisticated multi-phase espionage campaigns. These operations are primari...","date_modified":"2024-06-03T16:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-lilacsquid-apt","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-conceptual-digital-art-piece-showcasing-a-fu.png\"/><p>The LilacSquid APT is a newly identified advanced persistent threat (APT) group leveraging open-source tools like QuasarRAT for its cyber operations. The group has been primarily targeting government and private organiza...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-lilacsquid-apt","title":"Intelligence Briefing: LilacSquid APT","summary":"The LilacSquid APT is a newly identified advanced persistent threat (APT) group leveraging open-source tools like QuasarRAT for its cyber operations. The group has been primarily targeting government and private organiza...","date_modified":"2024-06-03T12:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-trojanized-minesweeper-clone-used","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-conceptual-3d-render-of-a-sinister-minesweep.png\"/><p>Recently, a significant cyber threat has emerged targeting financial organizations in Europe and the U.S. using a trojanized version of the classic Minesweeper game. 
The attackers have embedded malicious scripts within a...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-trojanized-minesweeper-clone-used","title":"Intelligence Briefing: Trojanized Minesweeper Clone Used","summary":"Recently, a significant cyber threat has emerged targeting financial organizations in Europe and the U.S. using a trojanized version of the classic Minesweeper game. The attackers have embedded malicious scripts within a...","date_modified":"2024-06-03T12:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-state-backed-actors-exploiting-ai","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-chilling-conceptual-3d-render-of-a-futuristi.png\"/><p>This briefing explores the use of AI by state-backed actors for disinformation campaigns, focusing on recent findings by OpenAI. It addresses these activities' significance, operational methods, and implications for cybe...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-state-backed-actors-exploiting-ai","title":"Intelligence Briefing: State-Backed Actors Exploiting AI","summary":"This briefing explores the use of AI by state-backed actors for disinformation campaigns, focusing on recent findings by OpenAI. It addresses these activities' significance, operational methods, and implications for cybe...","date_modified":"2024-06-02T13:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/microsofts-new-recall-feature-for-copilot-pcs","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/DALL%C2%B7E%202024-06-01%2015.12.48%20-%20An%20image%20depicti.webp\"/><p>The new Recall feature introduced by Microsoft for Copilot+ PCs has generated significant concern in the cybersecurity community. 
Recall captures and stores screenshots of all user activities locally on the device, enabl...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/microsofts-new-recall-feature-for-copilot-pcs","title":"Microsoft's new Recall feature for Copilot+ PCs","summary":"The new Recall feature introduced by Microsoft for Copilot+ PCs has generated significant concern in the cybersecurity community. Recall captures and stores screenshots of all user activities locally on the device, enabl...","date_modified":"2024-06-01T20:19:26Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/the-threat-of-social-media-account-takeovers","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/create-an-image-of-a-person-using-a-laptop-wit.png\"/><p>Social media has become an integral part of our lives in today's digital age. Platforms like Facebook, Instagram, Twitter, and LinkedIn serve as windows to our social interactions, professional networking, and personal e...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/the-threat-of-social-media-account-takeovers","title":"The Threat of Social Media Account Takeovers","summary":"Social media has become an integral part of our lives in today's digital age. Platforms like Facebook, Instagram, Twitter, and LinkedIn serve as windows to our social interactions, professional networking, and personal e...","date_modified":"2024-06-01T15:38:20Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/unauthorized-access-to-hugging-face-spaces-platform","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-futuristic-cyberpunk-inspired-illustration-o.png\"/><p>This briefing addresses the recent unauthorized access detected by Hugging Face on its Spaces platform. 
Hugging Face, a significant player in the AI-as-a-Service (AIaaS) sector, provides tools for creating, hosting, and ...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/unauthorized-access-to-hugging-face-spaces-platform","title":"Unauthorized Access to Hugging Face Spaces Platform","summary":"This briefing addresses the recent unauthorized access detected by Hugging Face on its Spaces platform. Hugging Face, a significant player in the AI-as-a-Service (AIaaS) sector, provides tools for creating, hosting, and ...","date_modified":"2024-06-01T15:03:25Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/cve-2024-1086---linux-kernel-use-after-free-vulnerability","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/an-abstract-conceptual-art-piece-that-explores.png\"/><p>CVE-2024-1086 is a high-severity use-after-free vulnerability in the netfilter component of the Linux kernel, allowing local attackers to escalate privileges to root and execute arbitrary code. The U.S. Cybersecurity and...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/cve-2024-1086---linux-kernel-use-after-free-vulnerability","title":"CVE-2024-1086 - Linux kernel: use-after-free vulnerability","summary":"CVE-2024-1086 is a high-severity use-after-free vulnerability in the netfilter component of the Linux kernel, allowing local attackers to escalate privileges to root and execute arbitrary code. The U.S. Cybersecurity and...","date_modified":"2024-05-31T17:55:47Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/technical-security-analysis-deepfaking","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/IMG_0075.png\"/><p>Deepfaking video and audio involves creating synthetic media that convincingly replicates a real person’s appearance and voice. 
The technology behind deepfakes has advanced significantly, allowing malicious actors to imp...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/technical-security-analysis-deepfaking","title":"Technical Security Analysis: Deepfaking","summary":"Deepfaking video and audio involves creating synthetic media that convincingly replicates a real person’s appearance and voice. The technology behind deepfakes has advanced significantly, allowing malicious actors to imp...","date_modified":"2024-05-31T16:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-arup-revealed-as-deepfake-scam-victim","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/IMG_0073.png\"/><p>This intelligence briefing addresses the recent cyberattack on Arup, a British multinational engineering and design firm, resulting in a $25 million loss. This case highlights the rising threat of deepfake technology in ...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-arup-revealed-as-deepfake-scam-victim","title":"Intelligence Briefing: Arup Revealed as Deepfake Scam Victim","summary":"This intelligence briefing addresses the recent cyberattack on Arup, a British multinational engineering and design firm, resulting in a $25 million loss. This case highlights the rising threat of deepfake technology in ...","date_modified":"2024-05-31T13:57:27Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/data-classification-and-ownership","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-detailed-and-intricate-digital-illustration-.png\"/><p>Data classification is a critical component of cybersecurity and information governance, directly affecting how organizations manage and protect their data. 
Understanding data classification and ownership is essential fo...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/data-classification-and-ownership","title":"Data Classification and Ownership","summary":"Data classification is a critical component of cybersecurity and information governance, directly affecting how organizations manage and protect their data. Understanding data classification and ownership is essential fo...","date_modified":"2024-05-30T17:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-shinyhunters-breach-of-ticketmaster","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-digital-illustration-of-a-futuristic-citysca.png\"/><p>The ShinyHunters hacking group has claimed responsibility for breaching Ticketmaster, resulting in the theft of personal data belonging to 560 million users. This briefing aims to provide a comprehensive overview of the ...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-shinyhunters-breach-of-ticketmaster","title":"Intelligence Briefing: ShinyHunters Breach of Ticketmaster","summary":"The ShinyHunters hacking group has claimed responsibility for breaching Ticketmaster, resulting in the theft of personal data belonging to 560 million users. This briefing aims to provide a comprehensive overview of the ...","date_modified":"2024-05-30T15:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-sav-rx-data-breach","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-cinematic-scene-of-a-hacker-in-a-dark-room-i.png\"/><p>On April 30, 2024, Sav-Rx disclosed a data breach where unauthorized access to their systems occurred on or around October 8, 2023. The breach compromised the sensitive information of 2,812,336 individuals. 
The affected ...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-sav-rx-data-breach","title":"Intelligence Briefing: Sav-RX Data Breach","summary":"On April 30, 2024, Sav-Rx disclosed a data breach where unauthorized access to their systems occurred on or around October 8, 2023. The breach compromised the sensitive information of 2,812,336 individuals. The affected ...","date_modified":"2024-05-30T12:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/introduction-to-cryptography","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-captivating-image-of-a-digital-workspace-whe.png\"/><p>What is Cryptography?</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/introduction-to-cryptography","title":"Introduction to Cryptography","summary":"What is Cryptography?","date_modified":"2024-05-29T19:22:24Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-justice-av-solutions-malware","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/IMG_0048.png\"/><p>This briefing provides an analysis of the recent malware attack involving Justice AV Solutions (JAVS), a company that provides digital recording and management solutions for courtrooms. The malware compromised JAVS’s sof...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-justice-av-solutions-malware","title":"Intelligence Briefing: Justice AV Solutions Malware","summary":"This briefing provides an analysis of the recent malware attack involving Justice AV Solutions (JAVS), a company that provides digital recording and management solutions for courtrooms. 
The malware compromised JAVS’s sof...","date_modified":"2024-05-28T15:57:21Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-orb-networks","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-futuristic-3d-render-illustration-of-a-high-.png\"/><p>ORB Networks refers to a China-nexus espionage campaign targeting various sectors globally. This briefing presents an in-depth analysis of the threat actors involved, their tools and techniques, recent developments, and ...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-orb-networks","title":"Intelligence Briefing: ORB Networks","summary":"ORB Networks refers to a China-nexus espionage campaign targeting various sectors globally. This briefing presents an in-depth analysis of the threat actors involved, their tools and techniques, recent developments, and ...","date_modified":"2024-05-24T17:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-ikaruz-red-team","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-high-tech-futuristic-scene-with-the-ikaruz-r.png\"/><p>The Ikaruz Red Team, identified as a hacktivist group, has been leveraging ransomware not for profit but to garner attention for their political and social causes. This briefing will provide a comprehensive overview of t...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-ikaruz-red-team","title":"Intelligence Briefing: Ikaruz Red Team","summary":"The Ikaruz Red Team, identified as a hacktivist group, has been leveraging ransomware not for profit but to garner attention for their political and social causes. 
This briefing will provide a comprehensive overview of t...","date_modified":"2024-05-24T12:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-ghostengine","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-cutting-edge-conceptual-art-poster-showcasin.png\"/><p>GhostEngine is a recent threat that has gained attention for its ability to disable Endpoint Detection and Response (EDR) tools using vulnerable drivers to facilitate cryptocurrency mining. This report will provide a com...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-ghostengine","title":"Intelligence Briefing: GhostEngine","summary":"GhostEngine is a recent threat that has gained attention for its ability to disable Endpoint Detection and Response (EDR) tools using vulnerable drivers to facilitate cryptocurrency mining. This report will provide a com...","date_modified":"2024-05-23T12:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-gitcaught","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-futuristic-and-conceptual-3d-render-of-a-cyb.png\"/><p>The “GitCaught” campaign highlights a rising threat where cybercriminals exploit GitHub and Bitbucket repositories for malicious activities. Understanding the scope and methodologies used in this campaign is critical for...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-gitcaught","title":"Intelligence Briefing: GitCaught","summary":"The “GitCaught” campaign highlights a rising threat where cybercriminals exploit GitHub and Bitbucket repositories for malicious activities. 
Understanding the scope and methodologies used in this campaign is critical for...","date_modified":"2024-05-22T16:30:07Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-ebury-malware","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/IMG_6659.png\"/><p>Ebury, also known as \"Linux/Ebury,\" is a sophisticated backdoor malware that primarily targets Linux and Unix-based systems. First discovered in 2011, it has been used in various campaigns for credential theft and spam d...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-ebury-malware","title":"Intelligence Briefing: Ebury Malware","summary":"Ebury, also known as \"Linux/Ebury,\" is a sophisticated backdoor malware that primarily targets Linux and Unix-based systems. First discovered in 2011, it has been used in various campaigns for credential theft and spam d...","date_modified":"2024-05-21T16:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-dns-tunneling","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/IMG_6664.png\"/><p>DNS tunneling is an insidious cyber threat that exploits the Domain Name System (DNS) protocol to establish covert channels for command and control (C2) communication and data exfiltration. Often overlooked by traditiona...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-dns-tunneling","title":"Intelligence Briefing: DNS Tunneling","summary":"DNS tunneling is an insidious cyber threat that exploits the Domain Name System (DNS) protocol to establish covert channels for command and control (C2) communication and data exfiltration. 
Often overlooked by traditiona...","date_modified":"2024-05-21T12:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/password-manager-risks","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/IMG_6661.png\"/><p>As organizations and individuals increasingly adopt password management software to store and generate secure passwords, the security of these tools becomes paramount. This briefing explores the threats, vulnerabilities,...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/password-manager-risks","title":"Password Manager Risks","summary":"As organizations and individuals increasingly adopt password management software to store and generate secure passwords, the security of these tools becomes paramount. This briefing explores the threats, vulnerabilities,...","date_modified":"2024-05-20T18:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-us-ai-experts-targeted-in-sugargh0st-rat","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/IMG_6616-a125b8a.png\"/><p>US AI experts have become the latest targets of a sophisticated cyber espionage campaign involving the SugarGh0st Remote Access Trojan (RAT). This campaign, believed to be orchestrated by state-sponsored threat actors, a...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-us-ai-experts-targeted-in-sugargh0st-rat","title":"Intelligence Briefing: US AI Experts Targeted in SugarGh0st RAT","summary":"US AI experts have become the latest targets of a sophisticated cyber espionage campaign involving the SugarGh0st Remote Access Trojan (RAT). 
This campaign, believed to be orchestrated by state-sponsored threat actors, a...","date_modified":"2024-05-20T17:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-metamorfo-banking-trojan","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/IMG_6580.png\"/><p>Metamorfo is a banking trojan that primarily targets financial institutions and individual users in Brazil. This malware is known for its sophisticated evasion techniques and ability to steal sensitive financial informat...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-metamorfo-banking-trojan","title":"Intelligence Briefing: Metamorfo Banking Trojan","summary":"Metamorfo is a banking trojan that primarily targets financial institutions and individual users in Brazil. This malware is known for its sophisticated evasion techniques and ability to steal sensitive financial informat...","date_modified":"2024-05-20T13:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-docusign-templates-to-blackmail-steal","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/IMG_6617.png\"/><p>Scammers are increasingly using fake DocuSign templates as part of sophisticated phishing campaigns to blackmail and steal from companies. This method exploits the trust that businesses place in legitimate document-signi...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-docusign-templates-to-blackmail-steal","title":"Intelligence Briefing: DocuSign Templates to Blackmail & Steal","summary":"Scammers are increasingly using fake DocuSign templates as part of sophisticated phishing campaigns to blackmail and steal from companies. 
This method exploits the trust that businesses place in legitimate document-signi...","date_modified":"2024-05-19T17:24:56Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-kimsuky-apt-using-newly-discovered-gomir","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-conceptual-3d-render-illustration-of-the-kim.png\"/><p>Kimsuky, also known as Thallium, Black Banshee, and Velvet Chollima, is a North Korean advanced persistent threat (APT) group active since at least 2012. The group is primarily engaged in cyber espionage activities targe...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-kimsuky-apt-using-newly-discovered-gomir","title":"Intelligence Briefing: Kimsuky APT Using Newly Discovered GOMIR","summary":"Kimsuky, also known as Thallium, Black Banshee, and Velvet Chollima, is a North Korean advanced persistent threat (APT) group active since at least 2012. The group is primarily engaged in cyber espionage activities targe...","date_modified":"2024-05-17T14:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/briefing-anthropic-expands-to-europe","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-groundbreaking-cinematic-conceptual-artwork-.png\"/><p>Anthropic, a leading competitor in generative AI in the United States, is expanding its AI assistant, Claude, to Europe, offering support for multiple languages, including French, German, Italian, and Spanish. The compan...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/briefing-anthropic-expands-to-europe","title":"Briefing: Anthropic Expands to Europe","summary":"Anthropic, a leading competitor in generative AI in the United States, is expanding its AI assistant, Claude, to Europe, offering support for multiple languages, including French, German, Italian, and Spanish. 
The compan...","date_modified":"2024-05-17T12:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-ongoing-malware-distribution-campaign","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-conceptual-poster-with-a-vibrant-and-futuris.png\"/><p>A malicious campaign is currently underway, distributing trojanized installers of popular software applications WinSCP and PuTTY through malicious search engine advertisements. This campaign poses a significant threat to...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-ongoing-malware-distribution-campaign","title":"Intelligence Briefing: Ongoing Malware Distribution Campaign","summary":"A malicious campaign is currently underway, distributing trojanized installers of popular software applications WinSCP and PuTTY through malicious search engine advertisements. This campaign poses a significant threat to...","date_modified":"2024-05-16T20:00:00Z"},{"id":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-quishing","html_content":"<img src=\"https://img1.wsimg.com/isteam/ip/588326ca-4aed-489f-bea9-7ee314e84591/a-striking-3d-render-illustration-depicting-a-.png\"/><p>Quishing, or QR code phishing, is an emerging cyber threat where malicious actors use QR codes to direct victims to phishing websites. This technique leverages the widespread use of QR codes, which gained popularity duri...</p>","url":"https://fulco.net/fulco%E2%80%99s-notes/f/intelligence-briefing-quishing","title":"Intelligence Briefing: Quishing","summary":"Quishing, or QR code phishing, is an emerging cyber threat where malicious actors use QR codes to direct victims to phishing websites. This technique leverages the widespread use of QR codes, which gained popularity duri...","date_modified":"2024-05-16T12:00:00Z"}]}