1Aug-24
Threat Actors leverage Chinese SHOPOEM Platforms to spread infamous scam campaign
Introduction
As Yarix Cyber Threat Intelligence (YCTI) team, we keep a close eye on and track phishing and scam campaigns on a daily basis. Protecting the reputation and image of client companies is one of the main goals of YCTI’s Brand Abuse team. This includes determining whether and how their officially registered trademarks are being used to spread fraudulent campaigns that...
24Jun-24
Java – Cracking the Random: CVE-2024-29868
TL;DR
If you employ a Java application with a token-based password recovery mechanism, be sure that said token isn't generated using: RandomStringUtils. Spoiler: You can crack it and predict all past and future tokens generated by the application!Some Context
During a Penetration Test I was sifting through the internet - as one often does - looking for ways to...
10May-24
Kelvin Security and Spectre, investigating possible relationships
Kelvin Security and Spectre, investigating possible relationships
Introduction
The Yarix Cyber Threat Intelligence Team (YCTI) has conducted an investigation that has discovered a possible relationship between the threat actor Kelvin Security with another threat actor called Spectre. This relations was identified through the discovery and analysis of an indicator found within an Italian governmental leak that was shared by a malicious actor....
4Apr-24