In this week's Out of the Woods: The Threat Hunting Podcast, Scott and Tom dive into some big stories you should know about. They chat about a recent report on cyber attackers using Sliver C2 and simple HTTP servers to spread their tools, which is a good reminder to keep an eye on anything out of the ordinary in your systems. They also touch on a sneaky new malware campaign that's targeting browsers, a clever Windows downgrade attack, and the rise of phishing sites posing as Google Authenticator. The overall takeaway? Stay proactive and keep your SaaS environments locked down, because cyber threats are getting more creative every day.

Top 5 Threat Hunting Headlines - 12 Aug 2024

• https://www.darkreading.com/application-security/saas-apps-present-abbreviated-kill-chain-for-attackers?&web_view=true

• https://reasonlabs.com/research/new-widespread-extension-trojan-malware-campaign

• https://thedfirreport.com/2024/08/12/threat-actors-toolkit-leveraging-sliver-poshc2-batch-scripts/

• https://www.safebreach.com/blog/downgrade-attacks-using-windows-updates/

• https://cyble.com/blog/double-trouble-latrodectus-and-acr-stealer-observed-spreading-via-google-authenticator-phishing-site/?&web_view=true

Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Discord: https://discord.gg/DR4mcW4zBr
TikTok: https://www.tiktok.com/@cyborgsecinc