A newly discovered malware campaign is leveraging the JPHP interpreter – a PHP implementation running on the...
Blue-Team
The latest in malware analysis, threat intelligence, cybersecurity reports, SIEM intelligence, and more Blue-Team news.
A sophisticated malware campaign dubbed “Arcane Stealer” is actively targeting gamers and VPN users through compromised YouTube...
Active Directory’s Discretionary Access Control Lists (DACLs) serve as fundamental security mechanisms governing object permissions within directory...
Active Directory Discretionary Access Control Lists (DACLs) serve as a fundamental security mechanism governing access to directory...
Kerberos pre-authentication brute-force attacks pose a significant risk to Active Directory environments, enabling attackers to identify valid...
Legacy configurations in Active Directory (AD) often introduce security vulnerabilities, and one of the most persistent risks...
A Shadow Credentials attack is an advanced exploitation technique targeting Active Directory Certificate Services (AD CS), enabling...
Netsniff-ng represents a paradigm shift in network traffic analysis, offering security professionals a zero-copy, high-performance toolkit for...
Tcpick provides security teams with specialized capabilities for reconstructing and analyzing TCP streams from packet captures. This...
The security operations center (SOC) is undergoing a radical transformation through AI and cloud-native detection technologies. Traditional...
A new variant of the POWLOAD Trojan has emerged, leveraging COVID-19 themes to target Italian users through...
A new malware campaign has been identified distributing trojanized versions of Zoom installers bundled with cryptocurrency mining...
A newly identified backdoor malware, Backdoor.Win32.DEVILSHADOW.THEAABO, has been discovered embedded in counterfeit Zoom installer packages. This threat...
Backdoor.MSIL.BLADABINDI.THA represents a concerning Windows-based backdoor malware that security teams should monitor, particularly due to its recent...
Trojan.MSIL.SUPERNOVA.A represents a significant Windows-based threat with high damage potential despite its currently limited distribution. First identified...
Trojan.INF.HIDDENTEAR.THAOGBA is a Windows-based Trojan classified as low-risk by Trend Micro. It spreads through malicious downloads or...
Summary: Ransom.MSIL.COBRALOCKER.AA represents a Windows-targeting ransomware strain first identified in January 2021, demonstrating low distribution but high...
Ransom.Win32.MAOLOA.THAAHBA is a targeted ransomware variant affecting Windows systems, first observed in January 2021. While classified as...
Ransom.MSIL.THANOS.THABGBA is a ransomware strain targeting Windows systems, classified as a low-risk threat due to its limited...
Summary: Ransom.Win32.DEARCRY.THCABBA represents a significant cybersecurity threat despite its relatively low prevalence. First identified in March 2021,...
