AI Editor

Ransom.Win32.RTMCOMMAND.THKBFBD: Analyzing a Low-Risk but Potent Windows Ransomware Strain

Malware Analysis

Ransom.Win32.RTMCOMMAND.THKBFBD: Analyzing a Low-Risk but Potent Windows Ransomware Strain

Discovered in April 2023, Ransom.Win32.RTMCOMMAND.THKBFBD (also tracked as Ransom:Win32/RTMLocker.AA!MTB) is a Windows-specific ransomware strain with limited distribution...

Ransom.Win64.CONTI.AA: Analyzing the Persistent Conti Ransomware Threat

Malware Analysis

Ransom.Win64.CONTI.AA: Analyzing the Persistent Conti Ransomware Threat

Ransom.Win64.CONTI.AA, a variant of the notorious Conti ransomware family, remains a significant threat to Windows systems despite...

Trojan.W97M.EMOTET.SMI: Analyzing the Persistent Emotet Threat Targeting Windows Systems

Malware Analysis

Trojan.W97M.EMOTET.SMI: Analyzing the Persistent Emotet Threat Targeting Windows Systems

Trojan.W97M.EMOTET.SMI is a variant of the notorious Emotet malware, primarily spread through malicious Microsoft Office documents. Despite...

Ransom.MSIL.EGOGEN.THEBBBC: Analyzing a Low-Risk but Persistent Ransomware Threat

Malware Analysis

Ransom.MSIL.EGOGEN.THEBBBC: Analyzing a Low-Risk but Persistent Ransomware Threat

Ransom.MSIL.EGOGEN.THEBBBC is a ransomware strain targeting Windows systems, classified as low-risk in terms of distribution but with...

Ransom.Win32.NOKO.THDABBC: Low-Risk Ransomware with Medium Damage Potential

Malware Analysis

Ransom.Win32.NOKO.THDABBC: Low-Risk Ransomware with Medium Damage Potential

Ransom.Win32.NOKO.THDABBC is a ransomware strain targeting Windows systems, classified as low risk due to its limited distribution...

Critical OpenSSH Vulnerabilities CVE-2024-6387 and CVE-2024-6409: Analysis and Mitigation Strategies

CVE News

Critical OpenSSH Vulnerabilities CVE-2024-6387 and CVE-2024-6409: Analysis and Mitigation Strategies

Two critical vulnerabilities in OpenSSH—CVE-2024-6387 (dubbed “regreSSHion”) and CVE-2024-6409—pose significant risks to Linux systems running vulnerable versions....

Ransom.Win32.SPOOSH.THGAGBC: A Low-Risk Ransomware with High Data Exfiltration Risks

Malware Analysis

Ransom.Win32.SPOOSH.THGAGBC: A Low-Risk Ransomware with High Data Exfiltration Risks

Ransom.Win32.SPOOSH.THGAGBC is a Windows-targeting ransomware strain first documented by Trend Micro in July 2023. While classified as...

Rogue AI: The Next Frontier in Cybersecurity Threats and Mitigation Strategies

Threat Intelligence

Rogue AI: The Next Frontier in Cybersecurity Threats and Mitigation Strategies

Artificial intelligence systems that deviate from their intended objectives—known as Rogue AI—are emerging as a critical cybersecurity...

Critical WhatsUp Gold Vulnerabilities Exploited for RCE: Patch Now to Prevent Attacks

CVE News

Critical WhatsUp Gold Vulnerabilities Exploited for RCE: Patch Now to Prevent Attacks

Progress Software’s WhatsUp Gold, a widely used network monitoring solution, is under active attack due to two...

Critical Authentication Flaws in Microsoft Azure Private 5G Core Expose Networks to Disruption

CVE News

Critical Authentication Flaws in Microsoft Azure Private 5G Core Expose Networks to Disruption

Two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC) have been identified and patched, according to...

Chinese APT Earth Baxia Targets APAC with GeoServer Exploits and Sophisticated Malware

APT-News

Chinese APT Earth Baxia Targets APAC with GeoServer Exploits and Sophisticated Malware

A China-linked advanced persistent threat group known as Earth Baxia has been conducting targeted attacks against government...

Docker Remote API Servers Targeted by perfctl Malware in New Attack Wave

News

Docker Remote API Servers Targeted by perfctl Malware in New Attack Wave

Security researchers have uncovered a new campaign targeting misconfigured Docker Remote API servers, where attackers deploy the...

Unmasking Prometei: Trend Micro’s MXDR Investigation Reveals Botnet’s Cryptomining Operations

APT-News

Unmasking Prometei: Trend Micro’s MXDR Investigation Reveals Botnet’s Cryptomining Operations

The Prometei botnet has evolved into a sophisticated threat since its emergence in 2016, now leveraging Microsoft...

Earth Estries APT Group’s Long-Term Cyber Espionage Campaign Targeting Global Infrastructure

APT-News

Earth Estries APT Group’s Long-Term Cyber Espionage Campaign Targeting Global Infrastructure

Since 2023, Chinese state-sponsored threat actor Earth Estries (tracked as Salt Typhoon/GhostEmperor/UNC2286) has conducted sophisticated cyber espionage...

MITRE ATT&CK 2024 Results: Ransomware & macOS Threats Dominate Enterprise Security

Threat Intelligence

MITRE ATT&CK 2024 Results: Ransomware & macOS Threats Dominate Enterprise Security

The 2024 MITRE ATT&CK® Evaluations for Enterprise reveal critical insights into ransomware and macOS threats, with vendors...

Fake LDAPNightmare PoC Exploit (CVE-2024-49113) Delivers Information-Stealing Malware

CVE News

Fake LDAPNightmare PoC Exploit (CVE-2024-49113) Delivers Information-Stealing Malware

A malicious campaign is targeting security researchers by distributing a fake proof-of-concept (PoC) exploit for the LDAPNightmare...

How Trend Micro’s Managed XDR Detected and Contained a Web Shell Attack on IIS Servers

Blue-Team

How Trend Micro’s Managed XDR Detected and Contained a Web Shell Attack on IIS Servers

A recent investigation by Trend Micro’s Managed XDR team uncovered a sophisticated web shell attack targeting Internet...

Earth Preta Evades Detection by Blending Legitimate and Malicious Tools

APT-News

Earth Preta Evades Detection by Blending Legitimate and Malicious Tools

The advanced persistent threat (APT) group Earth Preta, also known as Mustang Panda, has refined its evasion...

Critical Next.js Authentication Bypass Vulnerability Patched (CVE-2025-XXXX)

CVE News

Critical Next.js Authentication Bypass Vulnerability Patched (CVE-2025-XXXX)

Vercel has resolved a significant security flaw in Next.js middleware authentication, which could have allowed attackers to...

NetApp SnapCenter Privilege Escalation Vulnerability Patched (NCSC-2025-0097)

CVE News

NetApp SnapCenter Privilege Escalation Vulnerability Patched (NCSC-2025-0097)

NetApp has resolved a critical privilege escalation vulnerability (NCSC-2025-0097) in its SnapCenter backup management platform, which could...

Posts pagination

Previous 1 … 51 52 53 54 55 56 57 … 60 Next

AI Editor

Ransom.Win32.RTMCOMMAND.THKBFBD: Analyzing a Low-Risk but Potent Windows Ransomware Strain

Ransom.Win64.CONTI.AA: Analyzing the Persistent Conti Ransomware Threat

Trojan.W97M.EMOTET.SMI: Analyzing the Persistent Emotet Threat Targeting Windows Systems

Ransom.MSIL.EGOGEN.THEBBBC: Analyzing a Low-Risk but Persistent Ransomware Threat

Ransom.Win32.NOKO.THDABBC: Low-Risk Ransomware with Medium Damage Potential

Critical OpenSSH Vulnerabilities CVE-2024-6387 and CVE-2024-6409: Analysis and Mitigation Strategies

Ransom.Win32.SPOOSH.THGAGBC: A Low-Risk Ransomware with High Data Exfiltration Risks

Rogue AI: The Next Frontier in Cybersecurity Threats and Mitigation Strategies

Critical WhatsUp Gold Vulnerabilities Exploited for RCE: Patch Now to Prevent Attacks

Critical Authentication Flaws in Microsoft Azure Private 5G Core Expose Networks to Disruption

Chinese APT Earth Baxia Targets APAC with GeoServer Exploits and Sophisticated Malware

Docker Remote API Servers Targeted by perfctl Malware in New Attack Wave

Unmasking Prometei: Trend Micro’s MXDR Investigation Reveals Botnet’s Cryptomining Operations

Earth Estries APT Group’s Long-Term Cyber Espionage Campaign Targeting Global Infrastructure

MITRE ATT&CK 2024 Results: Ransomware & macOS Threats Dominate Enterprise Security

Fake LDAPNightmare PoC Exploit (CVE-2024-49113) Delivers Information-Stealing Malware

How Trend Micro’s Managed XDR Detected and Contained a Web Shell Attack on IIS Servers

Earth Preta Evades Detection by Blending Legitimate and Malicious Tools

Critical Next.js Authentication Bypass Vulnerability Patched (CVE-2025-XXXX)

NetApp SnapCenter Privilege Escalation Vulnerability Patched (NCSC-2025-0097)

You may have missed

Google Issues Workarounds for ChromeOS Authentication Failures in Enterprise Environments

Microsoft Word’s Cloud-Centric Default: Security Implications and Enterprise Management Challenges

Passwordstate Authentication Bypass: A History of High-Severity Flaws and Hardening

Global Law Enforcement Intensifies Crackdown on Cybercrime Enablers with VerifTools Takedown