Threat Intelligence

Memory Forensics Exposes Ivanti VPN Zero-Day Exploits: A Critical Security Breakdown

Threat Intelligence

Memory Forensics Exposes Ivanti VPN Zero-Day Exploits: A Critical Security Breakdown

Recent forensic investigations by Volexity have uncovered a sophisticated attack campaign exploiting two chained zero-day vulnerabilities in...

StormBamboo APT Targets ISPs to Poison Software Updates with Malware

APT-News

StormBamboo APT Targets ISPs to Poison Software Updates with Malware

A China-linked cyberespionage group known as StormBamboo (also tracked as Evasive Panda, Daggerfly, and Bronze Highland) has...

Russian APT28’s “Nearest Neighbor Attack”: Weaponizing Nearby Wi-Fi Networks for Covert Access

APT-News

Russian APT28’s “Nearest Neighbor Attack”: Weaponizing Nearby Wi-Fi Networks for Covert Access

In early 2022, Russian state-sponsored threat actor APT28 (also tracked as GruesomeLarch) deployed a novel attack vector...

XE Group’s Cybercrime Evolution: From Credit Card Skimming to Zero-Day Exploitation

APT-News

XE Group’s Cybercrime Evolution: From Credit Card Skimming to Zero-Day Exploitation

The XE Group, a cybercrime syndicate with suspected Vietnamese origins, has dramatically evolved its operations from traditional...

0ktapus Phishing Campaign: How MFA Spoofing Compromised 130+ Organizations

APT-News

0ktapus Phishing Campaign: How MFA Spoofing Compromised 130+ Organizations

A sophisticated phishing campaign dubbed “0ktapus” successfully bypassed multi-factor authentication (MFA) protections to compromise over 130 organizations,...

New Mirai Botnet Variant Targets Comtrend Router Vulnerability (CVE-2020-10173)

Threat Intelligence

New Mirai Botnet Variant Targets Comtrend Router Vulnerability (CVE-2020-10173)

A newly identified Mirai botnet variant (IoT.Linux.MIRAI.VWISI) has begun exploiting CVE-2020-10173, a command injection vulnerability in Comtrend...

Trojan.Win64.HAFNIUM.A: Technical Analysis of the Microsoft Exchange Server Threat

Threat Intelligence

Trojan.Win64.HAFNIUM.A: Technical Analysis of the Microsoft Exchange Server Threat

The Trojan.Win64.HAFNIUM.A malware represents a sophisticated threat targeting Microsoft Exchange servers, initially attributed to the Chinese state-sponsored...

Rogue AI: The Next Frontier in Cybersecurity Threats and Mitigation Strategies

Threat Intelligence

Rogue AI: The Next Frontier in Cybersecurity Threats and Mitigation Strategies

Artificial intelligence systems that deviate from their intended objectives—known as Rogue AI—are emerging as a critical cybersecurity...

Chinese APT Earth Baxia Targets APAC with GeoServer Exploits and Sophisticated Malware

APT-News

Chinese APT Earth Baxia Targets APAC with GeoServer Exploits and Sophisticated Malware

A China-linked advanced persistent threat group known as Earth Baxia has been conducting targeted attacks against government...

Unmasking Prometei: Trend Micro’s MXDR Investigation Reveals Botnet’s Cryptomining Operations

APT-News

Unmasking Prometei: Trend Micro’s MXDR Investigation Reveals Botnet’s Cryptomining Operations

The Prometei botnet has evolved into a sophisticated threat since its emergence in 2016, now leveraging Microsoft...

Earth Estries APT Group’s Long-Term Cyber Espionage Campaign Targeting Global Infrastructure

APT-News

Earth Estries APT Group’s Long-Term Cyber Espionage Campaign Targeting Global Infrastructure

Since 2023, Chinese state-sponsored threat actor Earth Estries (tracked as Salt Typhoon/GhostEmperor/UNC2286) has conducted sophisticated cyber espionage...

MITRE ATT&CK 2024 Results: Ransomware & macOS Threats Dominate Enterprise Security

Threat Intelligence

MITRE ATT&CK 2024 Results: Ransomware & macOS Threats Dominate Enterprise Security

The 2024 MITRE ATT&CK® Evaluations for Enterprise reveal critical insights into ransomware and macOS threats, with vendors...

Earth Preta Evades Detection by Blending Legitimate and Malicious Tools

APT-News

Earth Preta Evades Detection by Blending Legitimate and Malicious Tools

The advanced persistent threat (APT) group Earth Preta, also known as Mustang Panda, has refined its evasion...

New Phishing Tactic Exploits Firebase to Steal Credentials

Threat Intelligence

New Phishing Tactic Exploits Firebase to Steal Credentials

Check Point Research has uncovered a sophisticated phishing campaign leveraging Google Firebase to host fraudulent pages mimicking...

GoldenJackal APT Breaches Air-Gapped Government Systems in Sophisticated Cyberespionage Campaign

APT-News

GoldenJackal APT Breaches Air-Gapped Government Systems in Sophisticated Cyberespionage Campaign

ESET Research has uncovered a series of cyberespionage campaigns conducted by the advanced persistent threat (APT) group...

Telekopye Cybercriminals Now Target Booking.com and Airbnb Users in Sophisticated Hotel Scams

APT-News

Telekopye Cybercriminals Now Target Booking.com and Airbnb Users in Sophisticated Hotel Scams

ESET researchers have uncovered a significant evolution in the operations of the Telekopye cybercriminal network, which has...

ESET APT Activity Report Q2-Q3 2024: Key Trends in State-Sponsored Cyber Threats

APT-News

ESET APT Activity Report Q2-Q3 2024: Key Trends in State-Sponsored Cyber Threats

ESET’s latest APT Activity Report for Q2-Q3 2024 reveals significant developments in state-aligned cyber threats, with China,...

RomCom APT Exploits Firefox and Windows Zero-Days in Stealthy Cyberattacks

APT-News

RomCom APT Exploits Firefox and Windows Zero-Days in Stealthy Cyberattacks

Summary for Security Leadership The Russia-aligned RomCom APT group (also tracked as Storm-0978 or UNC2596) has been...

ESET Threat Report H2 2024: Rising Infostealers, Deepfake Scams, and Cryptocurrency Threats

Threat Intelligence

ESET Threat Report H2 2024: Rising Infostealers, Deepfake Scams, and Cryptocurrency Threats

The second half of 2024 has seen significant shifts in the cyberthreat landscape, according to ESET’s latest...

Autodesk AutoCAD Vulnerabilities Patched: Key Details and Remediation Steps

Exploitation
Threat Intelligence

Autodesk AutoCAD Vulnerabilities Patched: Key Details and Remediation Steps

Autodesk has recently addressed multiple vulnerabilities in its AutoCAD software, a critical tool used by architects, engineers,...

Posts pagination

Previous 1 … 10 11 12 13 14 Next

Threat Intelligence

Memory Forensics Exposes Ivanti VPN Zero-Day Exploits: A Critical Security Breakdown

StormBamboo APT Targets ISPs to Poison Software Updates with Malware

Russian APT28’s “Nearest Neighbor Attack”: Weaponizing Nearby Wi-Fi Networks for Covert Access

XE Group’s Cybercrime Evolution: From Credit Card Skimming to Zero-Day Exploitation

0ktapus Phishing Campaign: How MFA Spoofing Compromised 130+ Organizations

New Mirai Botnet Variant Targets Comtrend Router Vulnerability (CVE-2020-10173)

Trojan.Win64.HAFNIUM.A: Technical Analysis of the Microsoft Exchange Server Threat

Rogue AI: The Next Frontier in Cybersecurity Threats and Mitigation Strategies

Chinese APT Earth Baxia Targets APAC with GeoServer Exploits and Sophisticated Malware

Unmasking Prometei: Trend Micro’s MXDR Investigation Reveals Botnet’s Cryptomining Operations

Earth Estries APT Group’s Long-Term Cyber Espionage Campaign Targeting Global Infrastructure

MITRE ATT&CK 2024 Results: Ransomware & macOS Threats Dominate Enterprise Security

Earth Preta Evades Detection by Blending Legitimate and Malicious Tools

New Phishing Tactic Exploits Firebase to Steal Credentials

GoldenJackal APT Breaches Air-Gapped Government Systems in Sophisticated Cyberespionage Campaign

Telekopye Cybercriminals Now Target Booking.com and Airbnb Users in Sophisticated Hotel Scams

ESET APT Activity Report Q2-Q3 2024: Key Trends in State-Sponsored Cyber Threats

RomCom APT Exploits Firefox and Windows Zero-Days in Stealthy Cyberattacks

ESET Threat Report H2 2024: Rising Infostealers, Deepfake Scams, and Cryptocurrency Threats

Autodesk AutoCAD Vulnerabilities Patched: Key Details and Remediation Steps

You may have missed

Tor Oniux: Kernel-Level Network Anonymization for Linux Applications

Google Chrome’s Security Update: Blocking Admin-Level Launches in Windows

Australian Human Rights Commission Data Breach: Technical Analysis and Impact

Microsoft Resolves Linux Boot Issues Caused by August 2024 Windows Security Updates