Threat Intelligence

Google TAG Q2 2023 Bulletin: State-Sponsored Influence Operations and Spam Networks

Threat Intelligence

Google TAG Q2 2023 Bulletin: State-Sponsored Influence Operations and Spam Networks

Google’s Threat Analysis Group (TAG) has released its Q2 2023 bulletin, providing critical insights into coordinated influence...

Google TAG Q2 2024 Report: State-Linked Influence Operations Targeted Across Platforms

Threat Intelligence

Google TAG Q2 2024 Report: State-Linked Influence Operations Targeted Across Platforms

Google’s Threat Analysis Group (TAG) has released its quarterly bulletin revealing the termination of thousands of accounts...

February 2025 Financial Sector Cyber Threats: Korean & Global Security Analysis

Threat Intelligence

February 2025 Financial Sector Cyber Threats: Korean & Global Security Analysis

A recent ASEC report reveals intensifying cyber threats against financial institutions in South Korea and worldwide, with...

Critical PostgreSQL SQLi and Palo Alto VPN Exploits Targeted in Latest Snort Rules Update (Feb 2025 Week 4)

Threat Intelligence

Critical PostgreSQL SQLi and Palo Alto VPN Exploits Targeted in Latest Snort Rules Update (Feb 2025 Week 4)

AhnLab’s Threat Intelligence Platform has released 19 new Snort rules addressing critical vulnerabilities including PostgreSQL SQL injection...

Ransomware and Dark Web Threats Escalate in March 2025: New Extortion Tactics and Hacktivist Attacks

Threat Intelligence

Ransomware and Dark Web Threats Escalate in March 2025: New Extortion Tactics and Hacktivist Attacks

The second week of March 2025 witnessed a surge in cybercriminal operations, marked by the emergence of...

Ivanti VPN Zero-Day Exploits: Critical Vulnerabilities and Advanced Persistence Techniques

APT-News

Ivanti VPN Zero-Day Exploits: Critical Vulnerabilities and Advanced Persistence Techniques

Security teams worldwide are grappling with widespread exploitation of Ivanti Connect Secure VPN appliances, as researchers uncover...

Memory Forensics Exposes Ivanti VPN Zero-Day Exploits: A Critical Security Breakdown

Threat Intelligence

Memory Forensics Exposes Ivanti VPN Zero-Day Exploits: A Critical Security Breakdown

Recent forensic investigations by Volexity have uncovered a sophisticated attack campaign exploiting two chained zero-day vulnerabilities in...

StormBamboo APT Targets ISPs to Poison Software Updates with Malware

APT-News

StormBamboo APT Targets ISPs to Poison Software Updates with Malware

A China-linked cyberespionage group known as StormBamboo (also tracked as Evasive Panda, Daggerfly, and Bronze Highland) has...

Russian APT28’s “Nearest Neighbor Attack”: Weaponizing Nearby Wi-Fi Networks for Covert Access

APT-News

Russian APT28’s “Nearest Neighbor Attack”: Weaponizing Nearby Wi-Fi Networks for Covert Access

In early 2022, Russian state-sponsored threat actor APT28 (also tracked as GruesomeLarch) deployed a novel attack vector...

XE Group’s Cybercrime Evolution: From Credit Card Skimming to Zero-Day Exploitation

APT-News

XE Group’s Cybercrime Evolution: From Credit Card Skimming to Zero-Day Exploitation

The XE Group, a cybercrime syndicate with suspected Vietnamese origins, has dramatically evolved its operations from traditional...

0ktapus Phishing Campaign: How MFA Spoofing Compromised 130+ Organizations

APT-News

0ktapus Phishing Campaign: How MFA Spoofing Compromised 130+ Organizations

A sophisticated phishing campaign dubbed “0ktapus” successfully bypassed multi-factor authentication (MFA) protections to compromise over 130 organizations,...

New Mirai Botnet Variant Targets Comtrend Router Vulnerability (CVE-2020-10173)

Threat Intelligence

New Mirai Botnet Variant Targets Comtrend Router Vulnerability (CVE-2020-10173)

A newly identified Mirai botnet variant (IoT.Linux.MIRAI.VWISI) has begun exploiting CVE-2020-10173, a command injection vulnerability in Comtrend...

Trojan.Win64.HAFNIUM.A: Technical Analysis of the Microsoft Exchange Server Threat

Threat Intelligence

Trojan.Win64.HAFNIUM.A: Technical Analysis of the Microsoft Exchange Server Threat

The Trojan.Win64.HAFNIUM.A malware represents a sophisticated threat targeting Microsoft Exchange servers, initially attributed to the Chinese state-sponsored...

Rogue AI: The Next Frontier in Cybersecurity Threats and Mitigation Strategies

Threat Intelligence

Rogue AI: The Next Frontier in Cybersecurity Threats and Mitigation Strategies

Artificial intelligence systems that deviate from their intended objectives—known as Rogue AI—are emerging as a critical cybersecurity...

Chinese APT Earth Baxia Targets APAC with GeoServer Exploits and Sophisticated Malware

APT-News

Chinese APT Earth Baxia Targets APAC with GeoServer Exploits and Sophisticated Malware

A China-linked advanced persistent threat group known as Earth Baxia has been conducting targeted attacks against government...

Unmasking Prometei: Trend Micro’s MXDR Investigation Reveals Botnet’s Cryptomining Operations

APT-News

Unmasking Prometei: Trend Micro’s MXDR Investigation Reveals Botnet’s Cryptomining Operations

The Prometei botnet has evolved into a sophisticated threat since its emergence in 2016, now leveraging Microsoft...

Earth Estries APT Group’s Long-Term Cyber Espionage Campaign Targeting Global Infrastructure

APT-News

Earth Estries APT Group’s Long-Term Cyber Espionage Campaign Targeting Global Infrastructure

Since 2023, Chinese state-sponsored threat actor Earth Estries (tracked as Salt Typhoon/GhostEmperor/UNC2286) has conducted sophisticated cyber espionage...

MITRE ATT&CK 2024 Results: Ransomware & macOS Threats Dominate Enterprise Security

Threat Intelligence

MITRE ATT&CK 2024 Results: Ransomware & macOS Threats Dominate Enterprise Security

The 2024 MITRE ATT&CK® Evaluations for Enterprise reveal critical insights into ransomware and macOS threats, with vendors...

Earth Preta Evades Detection by Blending Legitimate and Malicious Tools

APT-News

Earth Preta Evades Detection by Blending Legitimate and Malicious Tools

The advanced persistent threat (APT) group Earth Preta, also known as Mustang Panda, has refined its evasion...

New Phishing Tactic Exploits Firebase to Steal Credentials

Threat Intelligence

New Phishing Tactic Exploits Firebase to Steal Credentials

Check Point Research has uncovered a sophisticated phishing campaign leveraging Google Firebase to host fraudulent pages mimicking...

Posts pagination

Previous 1 2 3 4 Next

Threat Intelligence

Google TAG Q2 2023 Bulletin: State-Sponsored Influence Operations and Spam Networks

Google TAG Q2 2024 Report: State-Linked Influence Operations Targeted Across Platforms

February 2025 Financial Sector Cyber Threats: Korean & Global Security Analysis

Critical PostgreSQL SQLi and Palo Alto VPN Exploits Targeted in Latest Snort Rules Update (Feb 2025 Week 4)

Ransomware and Dark Web Threats Escalate in March 2025: New Extortion Tactics and Hacktivist Attacks

Ivanti VPN Zero-Day Exploits: Critical Vulnerabilities and Advanced Persistence Techniques

Memory Forensics Exposes Ivanti VPN Zero-Day Exploits: A Critical Security Breakdown

StormBamboo APT Targets ISPs to Poison Software Updates with Malware

Russian APT28’s “Nearest Neighbor Attack”: Weaponizing Nearby Wi-Fi Networks for Covert Access

XE Group’s Cybercrime Evolution: From Credit Card Skimming to Zero-Day Exploitation

0ktapus Phishing Campaign: How MFA Spoofing Compromised 130+ Organizations

New Mirai Botnet Variant Targets Comtrend Router Vulnerability (CVE-2020-10173)

Trojan.Win64.HAFNIUM.A: Technical Analysis of the Microsoft Exchange Server Threat

Rogue AI: The Next Frontier in Cybersecurity Threats and Mitigation Strategies

Chinese APT Earth Baxia Targets APAC with GeoServer Exploits and Sophisticated Malware

Unmasking Prometei: Trend Micro’s MXDR Investigation Reveals Botnet’s Cryptomining Operations

Earth Estries APT Group’s Long-Term Cyber Espionage Campaign Targeting Global Infrastructure

MITRE ATT&CK 2024 Results: Ransomware & macOS Threats Dominate Enterprise Security

Earth Preta Evades Detection by Blending Legitimate and Malicious Tools

New Phishing Tactic Exploits Firebase to Steal Credentials

You may have missed

YesWiki Path Traversal Vulnerability (CVE-2025-31131): Technical Analysis and Mitigation

Critical SQL Injection Vulnerability in Next-Cart Store to WooCommerce Migration Plugin (CVE-2025-30807)

WpTravelly Plugin Vulnerability Exposes WordPress Sites to Object Injection Attacks

Critical SQL Injection Vulnerability in WooCommerce Order Splitter Plugin (CVE-2025-31089)