Char

@Char@noc.social
Engineer interested in cyber security, cloud and other technologies.
Gitlab: https://gitlab.com/Hack_Char
Blog: https://hack-char.dev
New: Microsoft is investigating whether a leak from its early alert system for cybersecurity companies (MAPP) allowed Chinese hackers to exploit flaws in SharePoint before they were patched https://www.bloomberg.com/news/articles/2025-07-25/microsoft-sharepoint-hack-probe-on-whether-chinese-hackers-found-flaw-via-alert?srnd=homepage-americas

Major orgs are continuing to be accessed via #CitrixBleed2 without realising, today.

Left: vulnerable servers to #CitrixBleed2

Right: vulnerable servers to SharePoint vuln you've all read about

The SharePoint vuln is actually far smaller in scope and number of victims. The cybersecurity industry is asleep at the wheel.

Talos write-up on Chaos. TTPs in the post.

https://blog.talosintelligence.com/new-chaos-ransomware/

Talos assesses with moderate confidence that the new Chaos ransomware group is either a rebranding of the BlackSuit (Royal) ransomware or operated by some of its former members. This assessment is based on the similarities in TTPs, including encryption commands, the theme and structure of the ransom note, and the use of LOLbins and RMM tools in their attacks.

And IOCs in their repo:

https://github.com/Cisco-Talos/IOCs/tree/main/2025/07

#threatIntel

Unmasking the new Chaos RaaS group attacks

Cisco Talos Incident Response (Talos IR) recently observed attacks by Chaos, a relatively new ransomware-as-a-service (RaaS) group conducting big-game hunting and double extortion attacks.

Cisco Talos Blog

A crucial government cybersecurity contract expired on Sunday.

The CyberSentry program monitored for malicious activity on the IT and OT networks of US critical infrastructure operators

https://cyberscoop.com/contract-lapse-leaves-critical-infrastructure-cybersecurity-sensor-data-unanalyzed-at-national-lab/

Contract lapse leaves critical infrastructure cybersecurity sensor data unanalyzed at national lab 

A program manager at Lawrence Livermore National Laboratory told lawmakers Tuesday that the recent contract expiration puts OT security at risk.

CyberScoop

@yetzt

Remove All AI Features in Firefox Using About:Config Page

1/Open Mozilla Firefox & type about:config in the address bar & press Enter. It’ll show you a warning message, click on “Accept the Risk & Continue” button

2/Type "browser.ml.chat.enabled" inside the preference search box

3/To deactivate & disable all AI features in Firefox, double-click preference & it’ll change its value to False

https://www.askvg.com/how-to-disable-and-remove-all-ai-features-in-mozilla-firefox/


This is for desktop as I got rid of my smartphone

I'M MUTING THIS

On the one-year anniversary of CrowdStrike's disastrous crashes that took down millions of computers worldwide, a new study finds 750-plus hospital networks in the US were disrupted, and 200-plus appear to have had outages of patient medical services. https://www.wired.com/story/at-least-750-us-hospitals-faced-disruptions-during-last-years-crowdstrike-outage-study-finds/
At Least 750 US Hospitals Faced Disruptions During Last Year’s CrowdStrike Outage, Study Finds

Of those, more than 200 appear to have had outages of services related to patient care following CrowdStrike’s disastrous crash, researchers have revealed.

WIRED

4pm friday afternoon!

everyone push to prod and leave early! gogogogo!

start that compile! launch that deploy! stop watching the github action progress text! reboot the domain controller and the firewall at the same time! cycle all the saml tokens! clear all cached creds! flee to the woods!

If you’re wondering why half the internet broke tonight for a short period, TCS accidentally hijacked Cloudflare. HT @ssamulczyk

Don't tie your identity to your job. Jobs are temporary, often ending unpredictably. When your identity is your work, your mental health is impacted horribly when your job security is at risk or you get let go.

I've seen multiple folks in cyber suffer from this, some barely surviving the ordeal.