Feds once again fix up compromised retail routers under court order.
Disagreement over security disclosures and bug-fixing priorities led to split.
In cloud security, the most compelling love story is the one between developers and security teams. This Valentine’s Day, let's shine a spotlight on these dynamic duos.
The Polygon proof of stake network relies on three different parts: a consensus layer called Heimdall, an execution layer called Bor (fork of Geth) and a set of smart contracts. For this...
Within the Olympus ecosystem, they have three different price feeds that can be used. If one of them reverts, then it simply uses the other ones. So, what could possibly go wrong? The key to the...
Before even diving into the target itself, the author goes through how they themselves pick a target. Ecosystem: the more mature the thing, the more bugs it's going to have. TVL range: very large,...
On 2024-02-15, a campaign was reported, involving an unknown actor, gaining initial access via 1-day vulnerability, targeting Confluence Server to achieve Resource hijacking. The following tools...
JumpServer is a privileged access management (PAM) system that is open source. Typically, a jump server is a server that can be connected to from the outside world in order to talk to internal and...
Bitdefender Labs has been keeping up with the latest modus operandi of cybercrooks who adapt emerging technologies to siphon money from consumers. Artificial intelligence is just one of the many...
On 2024-02-14, a research was reported, involving , gaining initial access via Cloud native misconfig, while using Cloud key compromise, targeting Azure Storage to achieve Resp. disclosure.
On 2024-02-14, a research was reported, involving , gaining initial access via Software misconfig, targeting Ansible, NGINX to achieve Resp. disclosure.
Through its managed security services offerings, Volexity routinely identifies spear-phishing campaigns targeting its customers. One persistent threat actor, whose campaigns Volexity frequently...
Water Hydra group (AKA DarkCasino), whose activity was first detected in 2021, is known for their cyberattacks targeting the financial industry globally, including banks, cryptocurrency platforms,...
On 2024-02-13, an incident was reported, involving an unknown actor, gaining initial access via 1-day vulnerability, targeting Confluence Server to achieve Data exfiltration.
On 2024-02-13, a research was reported, involving , gaining initial access via Software misconfig, while using Cloud key compromise, to achieve Resp. disclosure.
Fortinet offers guidance to detect and mitigate CVE-2024-21762 and CVE-2024-23113, critical RCE vulnerabilities in FortiOS and FortiProxy, including guidance that organizations should patch urgently.
We explore how advancements in EKS Access Entries and Pod Identity have opened new attack vectors and offer examples of how adversaries could exploit them.
On 2024-02-09, a research was reported, involving , gaining initial access via Software misconfig, targeting MongoDB to achieve Resp. disclosure.
On 2024-02-09, a research was reported, involving , gaining initial access via Software misconfig, targeting Salesforce to achieve Resp. disclosure.
UPDATE: Following our initial release, we have been contacted by our fellow researchers at Jamf who were able to identify three more samples that act like first-stage payloads. They are...
Get a detailed analysis of the entire attack chain of Microsoft's breach by Midnight Blizzard (APT29), as well as detection and mitigation recommendations.
Chapter III. Exploring and comparing prominent Russian language cybercriminal forums. Welcome to the third part of this series of OSINT...
Authored by Dexter Shin. MoqHao is a well-known Android malware family associated with the Roaming Mantis threat actor group first... The post MoqHao evolution: New variants start automatically...
On 2024-02-08, an incident was reported, involving an unknown actor, gaining initial access via Unknown, to achieve Data exfiltration.
On 2024-02-08, an incident was reported, involving an unknown actor, gaining initial access via End-user compromise, to achieve Data exfiltration.
On 2024-02-08, a campaign was reported, involving an unknown actor, gaining initial access via 1-day vulnerability, while using Vulnerability exploitation, targeting Confluence Server to achieve...