Post-Exploitation

Microsoft’s Removal of PowerShell 2.0: Security Implications and Migration Guidance

Blue-Team

Microsoft’s Removal of PowerShell 2.0: Security Implications and Migration Guidance

Microsoft has confirmed the removal of PowerShell 2.0 from Windows 11 and Windows Server systems starting August...

Profero Cracks DarkBit Ransomware Encryption, Enables Free Data Recovery

APT-News

Profero Cracks DarkBit Ransomware Encryption, Enables Free Data Recovery

Cybersecurity firm Profero has successfully reverse-engineered the encryption mechanism used by the DarkBit ransomware group, enabling victims...

Hardening Active Directory Against Kerberoasting Attacks

Blue-Team

Hardening Active Directory Against Kerberoasting Attacks

Kerberoasting remains a persistent threat to Active Directory (AD) environments, allowing attackers to crack service account passwords...

LameHug Malware Leverages AI LLMs for Real-Time Windows Data Theft

Malware Analysis

LameHug Malware Leverages AI LLMs for Real-Time Windows Data Theft

A new malware strain named LameHug has been discovered using large language models (LLMs) to dynamically generate...

UK Retail Cyberattacks: Arrests, Tactics, and Impact Analysis

APT-News

UK Retail Cyberattacks: Arrests, Tactics, and Impact Analysis

Four individuals—three men and one woman aged between 17 and 20—were arrested in London and the Midlands...

Ryuk Ransomware Operative Extradited: Implications for Cybersecurity

APT-News

Ryuk Ransomware Operative Extradited: Implications for Cybersecurity

A key member of the Ryuk ransomware operation, specializing in initial network access, has been extradited to...

Fog Ransomware’s Unusual Toolset: Legitimate Software and Open-Source Utilities in Attacks

Threat Intelligence

Fog Ransomware’s Unusual Toolset: Legitimate Software and Open-Source Utilities in Attacks

The Fog ransomware group has emerged as a significant threat in 2024-2025, distinguished by its unconventional blend...

DragonForce Ransomware Exploits SimpleHelp RMM in MSP Supply Chain Attacks

APT-News

DragonForce Ransomware Exploits SimpleHelp RMM in MSP Supply Chain Attacks

The DragonForce ransomware group has compromised over 120 managed service providers (MSPs) by exploiting vulnerabilities in SimpleHelp’s...

RVTools Supply Chain Attack Delivers Bumblebee Malware Loader

Malware Analysis

RVTools Supply Chain Attack Delivers Bumblebee Malware Loader

The official website for RVTools, a widely used VMware management utility, was compromised in a supply chain...

Moldovan Arrest Tied to DoppelPaymer Ransomware: Implications for Threat Actors

Threat Intelligence

Moldovan Arrest Tied to DoppelPaymer Ransomware: Implications for Threat Actors

Moldovan authorities have detained a 45-year-old individual linked to the DoppelPaymer ransomware group, which targeted Dutch organizations...

Harrods Cyberattack: Technical Analysis of the UK Retail Breach

Threat Intelligence

Harrods Cyberattack: Technical Analysis of the UK Retail Breach

Harrods, the luxury department store, confirmed a cyberattack on May 1, 2025, restricting internal internet access while...

Security Breach in Unofficial Signal App Used by Trump Administration Officials

Data Breach

Security Breach in Unofficial Signal App Used by Trump Administration Officials

A modified version of the encrypted messaging app Signal, used by Trump administration officials, was compromised in...

SuperShell and Cobalt Strike Payloads Found in Open Directories: Analysis and Mitigation

C2-Updates

SuperShell and Cobalt Strike Payloads Found in Open Directories: Analysis and Mitigation

Cybersecurity researchers from Hunt have identified a server hosting advanced malicious tools, including SuperShell command-and-control (C2) payloads...

Hitachi Vantara Disrupts Akira Ransomware Attack Through Server Isolation

Threat Intelligence

Hitachi Vantara Disrupts Akira Ransomware Attack Through Server Isolation

Hitachi Vantara, the data infrastructure subsidiary of Japanese conglomerate Hitachi, executed emergency containment measures on April 26,...

Fog Ransomware Exposes Active Directory Exploitation Toolkit in Open Server

APT-News

Fog Ransomware Exposes Active Directory Exploitation Toolkit in Open Server

Cybersecurity researchers have uncovered a publicly accessible server operated by an affiliate of the Fog ransomware group,...

Federal Charges Filed Against Alleged SmokeLoader Malware Operator in Vermont

Malware Analysis

Federal Charges Filed Against Alleged SmokeLoader Malware Operator in Vermont

An alleged operator of the SmokeLoader malware, identified as Nicholas Moses (alias “scrublord”), is facing federal hacking...

SonicWall SMA VPN Exploitation: Active Attacks Since January 2025

CVE News

SonicWall SMA VPN Exploitation: Active Attacks Since January 2025

Cybersecurity firm Arctic Wolf has confirmed that a remote code execution (RCE) vulnerability in SonicWall Secure Mobile...

Diamond Ticket Attacks: The Stealthy Kerberos Exploit Targeting Active Directory

Red-Team

Diamond Ticket Attacks: The Stealthy Kerberos Exploit Targeting Active Directory

The Diamond Ticket attack represents an advanced exploitation technique targeting Active Directory environments by manipulating Kerberos authentication...

GhostPack: Red Team Tactics for Active Directory Exploitation and Defense

Red-Team

GhostPack: Red Team Tactics for Active Directory Exploitation and Defense

Active Directory (AD) remains a prime target for attackers due to its central role in enterprise authentication...

Ransom.Win32.MAOLOA.THAAHBA: Technical Analysis of a Windows Ransomware Strain

Malware Analysis

Ransom.Win32.MAOLOA.THAAHBA: Technical Analysis of a Windows Ransomware Strain

Ransom.Win32.MAOLOA.THAAHBA is a targeted ransomware variant affecting Windows systems, first observed in January 2021. While classified as...

Posts pagination

1 2 Next

Post-Exploitation

Microsoft’s Removal of PowerShell 2.0: Security Implications and Migration Guidance

Profero Cracks DarkBit Ransomware Encryption, Enables Free Data Recovery

Hardening Active Directory Against Kerberoasting Attacks

LameHug Malware Leverages AI LLMs for Real-Time Windows Data Theft

UK Retail Cyberattacks: Arrests, Tactics, and Impact Analysis

Ryuk Ransomware Operative Extradited: Implications for Cybersecurity

Fog Ransomware’s Unusual Toolset: Legitimate Software and Open-Source Utilities in Attacks

DragonForce Ransomware Exploits SimpleHelp RMM in MSP Supply Chain Attacks

RVTools Supply Chain Attack Delivers Bumblebee Malware Loader

Moldovan Arrest Tied to DoppelPaymer Ransomware: Implications for Threat Actors

Harrods Cyberattack: Technical Analysis of the UK Retail Breach

Security Breach in Unofficial Signal App Used by Trump Administration Officials

SuperShell and Cobalt Strike Payloads Found in Open Directories: Analysis and Mitigation

Hitachi Vantara Disrupts Akira Ransomware Attack Through Server Isolation

Fog Ransomware Exposes Active Directory Exploitation Toolkit in Open Server

Federal Charges Filed Against Alleged SmokeLoader Malware Operator in Vermont

SonicWall SMA VPN Exploitation: Active Attacks Since January 2025

Diamond Ticket Attacks: The Stealthy Kerberos Exploit Targeting Active Directory

GhostPack: Red Team Tactics for Active Directory Exploitation and Defense

Ransom.Win32.MAOLOA.THAAHBA: Technical Analysis of a Windows Ransomware Strain

You may have missed

U.S. Sanctions Grinex Crypto-Exchange as Garantex Successor in Crackdown on Ransomware Money Laundering

Meta’s Erroneous Instagram Account Bans: Technical Implications for Security Teams

Supreme Court’s Decision on Mississippi Social Media Age Verification Law: Technical and Legal Implications

Microsoft Resolves Critical Windows Server Cluster and VM Stability Issues