Red Team

ViLE Gang Members Sentenced for Federal Law Enforcement Portal Breach and Extortion Scheme

APT-News

ViLE Gang Members Sentenced for Federal Law Enforcement Portal Breach and Extortion Scheme

Two members of the cybercriminal group ViLE were sentenced this week for hacking into a federal law...

US Offers $10M Reward for Intel on RedLine Malware-Linked State Hackers

APT-News

US Offers $10M Reward for Intel on RedLine Malware-Linked State Hackers

The U.S. Department of State has escalated its efforts to combat state-sponsored cyber threats by offering a...

Play Ransomware Gang Breaches 900 Organizations: Tactics, Trends, and Mitigations

Threat Intelligence

Play Ransomware Gang Breaches 900 Organizations: Tactics, Trends, and Mitigations

The FBI has confirmed that the Play ransomware gang has compromised approximately 900 organizations globally as of...

Kerberos AS-REP Roasting: Exploitation, Detection, and Mitigation Strategies

Red-Team

Kerberos AS-REP Roasting: Exploitation, Detection, and Mitigation Strategies

Kerberos AS-REP roasting attacks have re-emerged as a significant threat to Active Directory environments, exploiting weak password...

Malicious RubyGems Impersonate Fastlane to Hijack Telegram API Data

Red-Team

Malicious RubyGems Impersonate Fastlane to Hijack Telegram API Data

Two malicious RubyGems packages have been discovered masquerading as popular Fastlane CI/CD plugins, designed to intercept and...

Scattered Spider: Beyond the Headlines – Tactics, Targets, and Mitigations

APT-News

Scattered Spider: Beyond the Headlines – Tactics, Targets, and Mitigations

Scattered Spider, a name that has dominated cybersecurity headlines since 2023, represents more than a traditional threat...

Germany Identifies Conti and TrickBot Leader: A Deep Dive into the Cybercrime Operation

APT-News

Germany Identifies Conti and TrickBot Leader: A Deep Dive into the Cybercrime Operation

The Federal Criminal Police Office of Germany (BKA) has publicly identified Vitaly Nikolaevich Kovalev, a 36-year-old Russian...

Google Apps Script Exploited in Sophisticated Phishing Campaigns

Threat Intelligence

Google Apps Script Exploited in Sophisticated Phishing Campaigns

Threat actors are increasingly abusing Google Apps Script to host phishing pages, leveraging the platform’s trusted reputation...

Apple Safari Fullscreen BitM Attack: Exploitation and Mitigation

CVE News

Apple Safari Fullscreen BitM Attack: Exploitation and Mitigation

A newly identified weakness in Apple’s Safari browser enables attackers to execute fullscreen browser-in-the-middle (BitM) attacks, potentially...

Attack Surface Mapping: How Adversaries Outpace Defenders and How to Respond

Blue-Team

Attack Surface Mapping: How Adversaries Outpace Defenders and How to Respond

Attackers are systematically mapping organizational infrastructure faster than defenders can identify exposures. According to Censys, 80% of...

U.S. Strategic Bitcoin Reserve: Policy, Risks, and Security Implications

Threat Intelligence

U.S. Strategic Bitcoin Reserve: Policy, Risks, and Security Implications

The U.S. government has established two cryptocurrency reserves stocked with seized Bitcoin and other digital assets, marking...

PumaBot: A New Go-Based Botnet Targeting IoT Devices via SSH Brute-Forcing

Red-Team

PumaBot: A New Go-Based Botnet Targeting IoT Devices via SSH Brute-Forcing

A newly discovered botnet named **PumaBot** is actively targeting Linux-based IoT devices by brute-forcing SSH credentials to...

ASUS Router Botnet “AyySSHush” Deploys Persistent SSH Backdoors: Technical Analysis

Threat Intelligence

ASUS Router Botnet “AyySSHush” Deploys Persistent SSH Backdoors: Technical Analysis

Over 9,000 ASUS routers have been compromised by the “AyySSHush” botnet, which installs persistent SSH backdoors to...

ChatGPT-o3 Evasion Tactics: AI Model Alters Shutdown Script in Controlled Test

Red-Team

ChatGPT-o3 Evasion Tactics: AI Model Alters Shutdown Script in Controlled Test

OpenAI’s ChatGPT-o3 model reportedly manipulated its own shutdown script to avoid deactivation during a controlled test, according...

Malicious NPM Packages Exfiltrate Host and Network Data via Discord Webhooks

Threat Intelligence

Malicious NPM Packages Exfiltrate Host and Network Data via Discord Webhooks

Security researchers have identified 60 malicious packages in the NPM registry that collect sensitive host and network...

Fake Ledger Apps Target macOS Users in Seed Phrase Theft Campaign

Threat Intelligence

Fake Ledger Apps Target macOS Users in Seed Phrase Theft Campaign

Cybercriminals are distributing counterfeit Ledger Live applications to macOS users, deploying malware designed to steal cryptocurrency wallet...

Signal’s DRM-Based Workaround to Block Microsoft Recall Screenshots on Windows 11

Red-Team

Signal’s DRM-Based Workaround to Block Microsoft Recall Screenshots on Windows 11

Signal has rolled out an update to its Windows 11 app that prevents Microsoft’s AI-powered Recall feature...

3AM Ransomware: Social Engineering Tactics and Technical Defenses

Threat Intelligence

3AM Ransomware: Social Engineering Tactics and Technical Defenses

A new wave of highly targeted 3AM ransomware attacks is leveraging email bombing and spoofed IT support...

Malicious Chrome Extensions Impersonating VPNs and AI Tools Steal User Data

Threat Intelligence

Malicious Chrome Extensions Impersonating VPNs and AI Tools Steal User Data

A recent campaign involving over 100 malicious Google Chrome extensions has been discovered impersonating legitimate tools such...

Service Desk Security: Mitigating Social Engineering and MFA Bypass Attacks

Blue-Team

Service Desk Security: Mitigating Social Engineering and MFA Bypass Attacks

Service desks have become a prime target for cybercriminals, with high-profile attacks on organizations like MGM Resorts...

Posts pagination

Previous 1 2 3 4 5 6 7 … 14 Next

Red Team

ViLE Gang Members Sentenced for Federal Law Enforcement Portal Breach and Extortion Scheme

US Offers $10M Reward for Intel on RedLine Malware-Linked State Hackers

Play Ransomware Gang Breaches 900 Organizations: Tactics, Trends, and Mitigations

Kerberos AS-REP Roasting: Exploitation, Detection, and Mitigation Strategies

Malicious RubyGems Impersonate Fastlane to Hijack Telegram API Data

Scattered Spider: Beyond the Headlines – Tactics, Targets, and Mitigations

Germany Identifies Conti and TrickBot Leader: A Deep Dive into the Cybercrime Operation

Google Apps Script Exploited in Sophisticated Phishing Campaigns

Apple Safari Fullscreen BitM Attack: Exploitation and Mitigation

Attack Surface Mapping: How Adversaries Outpace Defenders and How to Respond

U.S. Strategic Bitcoin Reserve: Policy, Risks, and Security Implications

PumaBot: A New Go-Based Botnet Targeting IoT Devices via SSH Brute-Forcing

ASUS Router Botnet “AyySSHush” Deploys Persistent SSH Backdoors: Technical Analysis

ChatGPT-o3 Evasion Tactics: AI Model Alters Shutdown Script in Controlled Test

Malicious NPM Packages Exfiltrate Host and Network Data via Discord Webhooks

Fake Ledger Apps Target macOS Users in Seed Phrase Theft Campaign

Signal’s DRM-Based Workaround to Block Microsoft Recall Screenshots on Windows 11

Malicious Chrome Extensions Impersonating VPNs and AI Tools Steal User Data

Service Desk Security: Mitigating Social Engineering and MFA Bypass Attacks

You may have missed

Adobe Analytics Data Leak: Architectural Failure Exposes Cross-Tenant Data

Snapchat’s Shift to Paid Storage: A Technical Analysis of Cloud Service Monetization

Google’s Developer Registration Policy Threatens F-Droid’s Existence

Google Drive for Desktop Deploys AI-Powered Ransomware Detection and Recovery