youtube (7)

Transparent Tribe (aka APT 36, Operation C-Major) has been active since at least 2016 with attacks against Indian government and military personnel.  The group relies heavily on social engineering attacks, including spear-phishing and watering hole attacks, to deliver a variety of Windows and Android spyware.

In September 2023, SentinelLabs outlined the CapraTube campaign, which used weaponized Android applications (APK) designed to mimic YouTube, often in a suspected dating context due to the na

Adobe is recruiting help from its network of photographers and videographers to train its new AI text-to-video generator, but is the company paying enough?  To catch up with other AI video generators like Google's Lumiere and OpenAI's Sora, Adobe is purchasing videos that show people engaging in everyday activities like walking, running, using a cell phone, and working out, and other videos showing emotions like sadness, excitement, or rage.  Adobe also requests simple videos of human anatomy l

Facebook and Instagram users will start seeing labels on AI-generated images on their social media feeds, part of a broader tech industry initiative to sort between what is real and what is not.  A Meta spokesman said on 06 February 2024 that it is working with industry partners on technical standards to make it easier to identify images and, eventually, video and audio generated by artificial intelligence tools.[1]

See:  https://redskyalliance.org/xindustry/why-do-some-ai-images-look-like-me

Ju

FortiGuard Labs recently discovered a threat group using YouTube channels to distribute a Lumma Stealer variant.  Analysts found and reported on a similar attack method via YouTube in March 2023.  These YouTube videos typically feature content related to cracked applications, presenting users with similar installation guides and incorporating malicious URLs often shortened using services like TinyURL and Cuttly.  To circumvent straightforward web filter blacklists, the attackers exploit open-sou

Earlier this month, FortiGuard Labs discovered an ongoing threat campaign targeting YouTube viewers searching for pirated software.  Videos advertising downloads of “cracked” (aka pirated) software are uploaded by verified YouTube channels with a large number of subscribers.  Victims are led to execute malicious binaries that install multiple malware families on their systems, focused on harvesting credentials, cryptojacking, and stealing cryptocurrency funds from wallets.

While investigating this campai

Attackers have been abusing legitimate YouTube attribution links and a Cloudflare CAPTCHA to evade detection.  Cybersecurity company Vade said the use of YouTube attribution links was a new tactic for bypassing email filters scanning for suspicious redirects.

In a newly discovered phishing campaign, victims receive a spoofed email saying their Microsoft 365 password has expired. The email is personalized and contextualized to create an illusion of legitimacy.  Vade researchers noted that the ema

Activity Summary - Week Ending on 10 November 2022:

  • Red Sky Alliance identified 23,574 connections from new IPs checking in with our Sinkholes
  • Timeweb[.]ru hit 251x – for the 2nd Week
  • Analysts identified 1,762 new IP addresses participating in various Botnets
  • Patching is Very Important
  • Microsoft Patch Tuesday
  • YouTube - You’re Not Helping
  • Vidar stealer
  • Stolen Data in Australia
  • Lloyd’s of London
  • School System Stands its Ground
  • Oil & Gas - ABBs

Link to full report: IR-22-313-001_weekly313.pdf