Threat Actors Exploit Blind Spots Beyond Endpoint Defenses

Attackers are now moving at an alarming pace, taking data four times faster than in 2025, and exploiting the blind spots that an over-reliance on endpoint defenses creates. They're striking across multiple surfaces, from cloud services to remote users, to evade detection and get in and out quickly.

https://osintsights.com/threat-actors-exploit-blind-spots-beyond-endpoint-defenses?utm_source=mastodon&utm_medium=social

#EndpointDefenses #BlindSpots #Exfiltration #IncidentResponse #Unit42

Ramp’s Sheets AI Exfiltrates Financials

Assess and monitor risk from AI in vendors with novel intelligence on emerging threats. Stay ahead of AI-driven third-party risk with continuous monitoring and adaptive insight.

Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise - RedPacket Security

Executive summary

RedPacket Security
You Won’t Believe Who DOGE Shared STOLEN Social Security With

YouTube

🚀 New Talk Dropped for BSides Luxembourg 2026!

In The Wild Cloud Exfiltration Paths You Might Not Expect – Tomas Kabrt

Cloud environments are no longer just infrastructure expansions — they are full-blown attack surfaces. This talk explores how real-world attackers move data out of cloud environments by abusing SaaS integrations, PaaS workflows, and IaaS-level infrastructure behaviors that often go unnoticed in traditional security monitoring.

Based on hundreds of real incident response cases, this session highlights practical exfiltration paths such as SaaS app abuse (Microsoft 365, DocuSign sync flows), ETL-based PaaS exploitation, and cross-cloud IaaS data movement. The focus is on what defenders miss and how to build meaningful detection and telemetry around it.

Tomas Kabrt is a Cloud Threat Intelligence Researcher at CrowdStrike, focusing on cloud intrusions and real-world attacker behavior observed through incident response and threat hunting engagements.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/

📅 Schedule: https://pretalx.com/bsidesluxembourg-2026/schedule/

📱 Want an easy way to follow the schedule?
Use Hacker Tracker: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #CloudSecurity #ThreatIntel #Exfiltration #IncidentResponse #CyberSecurity

Chinese Supercomputer Breach Exposes Massive 10-Petabyte Data Heist

A massive 10-petabyte data heist has been reported from a state-run Chinese supercomputer, raising urgent questions about the breach and its potential consequences. The staggering scale of the alleged theft has sparked widespread concern, but details about the incident remain scarce.

https://osintsights.com/chinese-supercomputer-breach-exposes-massive-10-petabyte-data-heist?utm_source=mastodon&utm_medium=social

#ChineseSupercomputer #DataBreach #EmergingThreats #Exfiltration #MassiveDataHeist

OTTAWA - The Privacy Commissioner of Canada today held a press conference regarding the digital attack on Telus Canada's networks and information systems. Telus recently announced that attackers had claimed to have exfiltrated nearly 1 petabyte of company data, including customer data, equivalent to approximately 250,000 DVD movies.

The Commissioner announced a full investigation will take place. He also indicated that Canadian consumers should not be excessively worried about the breach of their personally identifiable information (PII), as the attackers will still be obligated to follow the requirements of the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada's data privacy law since passage in 2000.

#Canada #privacy #Telus #hack #hackers #intrusion #exfiltration #PIPEDA #PrivacyCommissioner #security #PII

If the Kardashians launched their own framework it would be Kommand and Kontrol (K2).

The Momager (Kris.exe or Kris.sh): The primary C2 listener.
The Glow Up: Privesc
Keeping Up: Lateral movement

#C2Framework #RedTeaming #PostExploitation #MalwareDevelopment #Infosec #CyberSecurity #EDRBypass #ActiveDirectory #PenTesting #ThreatHunting #MITREATTACK #APTHunting #Shellcode #ZeroDay #Persistence #Exfiltration #BlueTeam #PurpleTeaming #kardashians

Claude Cowork Exfiltrates Files

Claude Cowork is vulnerable to file exfiltration attacks via indirect prompt injection as a result of known-but-unresolved isolation flaws in Claude's code execution environment.