BlueKeep (CVE-2019-0708) is a vulnerability revealed in May 2019, occurring during the Remote Desktop Protocol (RDP) connection process between a client and server. When a client sends a malicious...
ASEC Blog publishes Ransom & Dark Web Issues Week 4, October 2024: Hacktivist Anonymous Sudan: Indicted by the U.S. Department of Justice; IntelBroker Announces New Post on South Korean Government...
Wiz extends support to Okta with identity modeling on the Wiz Security Graph, visibility, risk assessment, and real-time threat detection for your Okta environment
AskAI – Text to Security Graph Query
Not long ago, the ability to remotely track someone’s daily movements just by knowing their home address, employer, or place of worship was considered a powerful surveillance tool that should only...
WarmCookie is a malware family that emerged in April 2024 and has been distributed via regularly conducted malspam and malvertising campaigns.
TA866 (also known as Asylum Ambuscade) is a threat actor that has been conducting intrusion operations since at least 2020.
Novice ransomware group Embargo is testing and deploying a new Rust-based toolkit
Disclaimer: Hudson Rock does not insinuate or imply responsibility or liability on behalf of any parties mentioned herein. The content is intended solely for informational purposes and reflects...
Discover how Operation Overload, a Russia-aligned campaign, uses fake news and AI-generated audio to manipulate the 2024 US election. Learn the tactics and risks.
The Prometei botnet attempted to infiltrate a company’s network using a brute-force attack. Researchers from Trend Micro identified and mitigated the threat by tracing Prometei’s stealthy, modular...
Cisco Talos recently discovered a phishing campaign using an open-source phishing toolkit called Gophish by an unknown threat actor.
Elon Musk’s SpaceX has been accused of trespassing on land owned by US game company, Cards Against Humanity, for more than six months as per a lawsuit filed and announced on September 19, 2024....
Silent Push’s investigation into FUNNULL, a Chinese CDN, reveals its role in hosting extensive malicious infrastructure dubbed "Triad Nexus." This includes over 200,000 algorithmically generated...
In this blog post we share Zimperium’s Zero-Day Protection against the Water Makara Spear-Phishing campaign. The post Zimperium’s Zero-Day Protection Against Water Makara Spear-Phishing Campaign...
As the Akira ransomware group continues to evolve its operations, Talos has the latest research on the group's attack chain, targeted verticals, and potential future TTPs.
Asset visibility is a critical component of operational technology (OT) cybersecurity. But what exactly is asset visibility, and why is... The post What Is Asset Visibility and Why Does It Matter?...
Watch out for schemes where fraudsters trick people into sharing verification codes so they can gain access to their phone numbers
This article is the result of a collaboration with Josimar. You can find Josimar’s corresponding piece here. One of the world’s most controversial bookmakers takes bets on thousands of amateur...
Learn how Recorded Future improves internal security practices. Phishing simulations, educational campaigns, and interactive training keep employees vigilant and protected.
Attackers are exploiting exposed Docker Remote API servers to deploy a new malware strain named "perfctl." This malware is designed to mine cryptocurrency and can evade detection by disabling...
This blog post provides a chronological overview of the observed ClickFix campaigns. We further share technical details about a ClickFix cluster that uses fake Google Meet video conference pages...
All untrusted code in Chrome, especially JavaScript on websites and within browser extensions, runs in a Sandbox. Practically, this means that the code is limited to the set of APIs instead of...
The average time it takes attackers to weaponize a vulnerability, either before or after a patch is released, shrank from 63 days in 2018-2019 to just five days last year
Zimperium researchers analyze Necro.N and focus on the differences and elements. The post The Mobile Malware Chronicles: Necro.N – Volume 101 appeared first on Zimperium.
On 2024-10-18, a research was reported, involving , gaining initial access via API vulnerability, to achieve Resp. disclosure.
The Cosmos blockchain is a popular AppChain SDK used by various blockchains like Osmosis. The main feature developer for the SDK is the Interchain Foundation. In the past 3 years, the Liquid...
On Thursday, the Israel Defense Forces (IDF) announced the death of Hamas leader Yahya Sinwar during an operation in southern Gaza. As part of its announcement, the IDF’s media channel on Telegram...
I have a strange, unique, and fascinating job at Dragos. For the last 6 years, I have served as a... The post The Shifting Landscape of OT Incident Response first appeared on Dragos.