cybersecurity

Indonesian E-Learning Platform Reportedly Targeted in Cybersecurity Incident

News

Indonesian E-Learning Platform Reportedly Targeted in Cybersecurity Incident

Reports indicate that a prominent Indonesian educational technology platform may have been the target of a cybersecurity...

Strengthening Defenses Against Identity-Based Cyber Attacks

News

Strengthening Defenses Against Identity-Based Cyber Attacks

Identity-based attacks remain one of the most pervasive threats in cybersecurity, leveraging stolen or compromised credentials to...

VanHelsing RaaS Emerges: Double Extortion, Multi-OS Targeting, and $5K Entry Fee

APT-News

VanHelsing RaaS Emerges: Double Extortion, Multi-OS Targeting, and $5K Entry Fee

A new ransomware-as-a-service (RaaS) operation dubbed “VanHelsing” has surfaced, targeting multiple operating systems and employing double extortion...

Hackers Exploit .NET MAUI to Deliver Fake Banking and Social Apps in India and China

APT-News

Hackers Exploit .NET MAUI to Deliver Fake Banking and Social Apps in India and China

Security researchers have identified a new campaign where threat actors are leveraging Microsoft’s .NET Multi-platform App UI...

NIST SP 800-82r3: Strengthening OT Security with Dragos and NP-View Integration

News

NIST SP 800-82r3: Strengthening OT Security with Dragos and NP-View Integration

The latest revision of NIST SP 800-82 (r3) provides critical guidance for securing Operational Technology (OT) systems,...

Upcoming Book Talk Events for “Chasing Shadows” – March 2024

News

Upcoming Book Talk Events for “Chasing Shadows” – March 2024

Join us for an engaging series of book talks in March 2024 featuring discussions on Chasing Shadows,...

Google TAG Q2 2023 Bulletin: State-Sponsored Influence Operations and Spam Networks

Threat Intelligence

Google TAG Q2 2023 Bulletin: State-Sponsored Influence Operations and Spam Networks

Google’s Threat Analysis Group (TAG) has released its Q2 2023 bulletin, providing critical insights into coordinated influence...

Google TAG Q2 2024 Report: State-Linked Influence Operations Targeted Across Platforms

Threat Intelligence

Google TAG Q2 2024 Report: State-Linked Influence Operations Targeted Across Platforms

Google’s Threat Analysis Group (TAG) has released its quarterly bulletin revealing the termination of thousands of accounts...

LummaC2 Malware Targets Windows Users Through Fake Total Commander Crack

Malware Analysis

LummaC2 Malware Targets Windows Users Through Fake Total Commander Crack

Security researchers have uncovered a sophisticated malware campaign distributing the LummaC2 information stealer disguised as a cracked...

February 2025 Financial Sector Cyber Threats: Korean & Global Security Analysis

Threat Intelligence

February 2025 Financial Sector Cyber Threats: Korean & Global Security Analysis

A recent ASEC report reveals intensifying cyber threats against financial institutions in South Korea and worldwide, with...

JPHP-Based Malware Evades Detection Using Java-PHP Hybrid Approach

Malware Analysis

JPHP-Based Malware Evades Detection Using Java-PHP Hybrid Approach

A newly discovered malware campaign is leveraging the JPHP interpreter – a PHP implementation running on the...

Memory Forensics Exposes Ivanti VPN Zero-Day Exploits: A Critical Security Breakdown

Threat Intelligence

Memory Forensics Exposes Ivanti VPN Zero-Day Exploits: A Critical Security Breakdown

Recent forensic investigations by Volexity have uncovered a sophisticated attack campaign exploiting two chained zero-day vulnerabilities in...

StormBamboo APT Targets ISPs to Poison Software Updates with Malware

APT-News

StormBamboo APT Targets ISPs to Poison Software Updates with Malware

A China-linked cyberespionage group known as StormBamboo (also tracked as Evasive Panda, Daggerfly, and Bronze Highland) has...

Russian APT28’s “Nearest Neighbor Attack”: Weaponizing Nearby Wi-Fi Networks for Covert Access

APT-News

Russian APT28’s “Nearest Neighbor Attack”: Weaponizing Nearby Wi-Fi Networks for Covert Access

In early 2022, Russian state-sponsored threat actor APT28 (also tracked as GruesomeLarch) deployed a novel attack vector...

Arcane Stealer Malware Targets Gamers via YouTube and Discord, Steals VPN Credentials

Malware Analysis

Arcane Stealer Malware Targets Gamers via YouTube and Discord, Steals VPN Credentials

A sophisticated malware campaign dubbed “Arcane Stealer” is actively targeting gamers and VPN users through compromised YouTube...

Active Directory Security: Exploiting and Mitigating GenericWrite DACL Vulnerabilities

Blue-Team

Active Directory Security: Exploiting and Mitigating GenericWrite DACL Vulnerabilities

Active Directory’s Discretionary Access Control Lists (DACLs) serve as fundamental security mechanisms governing object permissions within directory...

Active Directory Security: Detecting and Mitigating WriteDacl Abuse Risks

Blue-Team

Active Directory Security: Detecting and Mitigating WriteDacl Abuse Risks

Active Directory Discretionary Access Control Lists (DACLs) serve as a fundamental security mechanism governing access to directory...

Active Directory Security Testing with Netexec: A Red Team Perspective

Red-Team

Active Directory Security Testing with Netexec: A Red Team Perspective

Active Directory penetration testing remains a cornerstone of enterprise security assessments, with tools like Netexec providing robust...

Active Directory Security: Detecting and Mitigating WriteOwner Permission Abuse

News

Active Directory Security: Detecting and Mitigating WriteOwner Permission Abuse

Misconfigured WriteOwner permissions in Active Directory can enable attackers to take ownership of critical objects, bypass security...

Active Directory Security Risk: Exploiting AddSelf Permissions for Privilege Escalation

News

Active Directory Security Risk: Exploiting AddSelf Permissions for Privilege Escalation

A critical misconfiguration in Active Directory’s Discretionary Access Control Lists (DACLs) allows attackers to abuse the AddSelf...

Posts pagination

Previous 1 2 3 4 5 6 7 8 … 12 Next

cybersecurity

Indonesian E-Learning Platform Reportedly Targeted in Cybersecurity Incident

Strengthening Defenses Against Identity-Based Cyber Attacks

VanHelsing RaaS Emerges: Double Extortion, Multi-OS Targeting, and $5K Entry Fee

Hackers Exploit .NET MAUI to Deliver Fake Banking and Social Apps in India and China

NIST SP 800-82r3: Strengthening OT Security with Dragos and NP-View Integration

Upcoming Book Talk Events for “Chasing Shadows” – March 2024

Google TAG Q2 2023 Bulletin: State-Sponsored Influence Operations and Spam Networks

Google TAG Q2 2024 Report: State-Linked Influence Operations Targeted Across Platforms

LummaC2 Malware Targets Windows Users Through Fake Total Commander Crack

February 2025 Financial Sector Cyber Threats: Korean & Global Security Analysis

JPHP-Based Malware Evades Detection Using Java-PHP Hybrid Approach

Memory Forensics Exposes Ivanti VPN Zero-Day Exploits: A Critical Security Breakdown

StormBamboo APT Targets ISPs to Poison Software Updates with Malware

Russian APT28’s “Nearest Neighbor Attack”: Weaponizing Nearby Wi-Fi Networks for Covert Access

Arcane Stealer Malware Targets Gamers via YouTube and Discord, Steals VPN Credentials

Active Directory Security: Exploiting and Mitigating GenericWrite DACL Vulnerabilities

Active Directory Security: Detecting and Mitigating WriteDacl Abuse Risks

Active Directory Security Testing with Netexec: A Red Team Perspective

Active Directory Security: Detecting and Mitigating WriteOwner Permission Abuse

Active Directory Security Risk: Exploiting AddSelf Permissions for Privilege Escalation

You may have missed

Trump Administration Considers TikTok Deal Allowing Chinese Algorithm Ownership

How Intezer’s AI SOC Balances Automation with Human Expertise

How Security Platformization Improves Threat Response and Operational Efficiency

World Backup Day: Essential Strategies for Enterprise Data Protection