vulnerability

Critical Zero-Day Exploit in Palo Alto GlobalProtect Firewalls (CVE-2024-3400) Actively Exploited

CVE News

Critical Zero-Day Exploit in Palo Alto GlobalProtect Firewalls (CVE-2024-3400) Actively Exploited

A critical zero-day vulnerability (CVE-2024-3400) in Palo Alto Networks’ PAN-OS firewalls has been actively exploited since at...

Detecting and Mitigating CVE-2024-3400: Critical Zero-Day in Palo Alto GlobalProtect

CVE News

Detecting and Mitigating CVE-2024-3400: Critical Zero-Day in Palo Alto GlobalProtect

A critical zero-day vulnerability (CVE-2024-3400) in Palo Alto Networks’ PAN-OS GlobalProtect feature has been actively exploited since...

Arcane Stealer Malware Targets Gamers via YouTube and Discord, Steals VPN Credentials

Malware Analysis

Arcane Stealer Malware Targets Gamers via YouTube and Discord, Steals VPN Credentials

A sophisticated malware campaign dubbed “Arcane Stealer” is actively targeting gamers and VPN users through compromised YouTube...

XE Group’s Cybercrime Evolution: From Credit Card Skimming to Zero-Day Exploitation

APT-News

XE Group’s Cybercrime Evolution: From Credit Card Skimming to Zero-Day Exploitation

The XE Group, a cybercrime syndicate with suspected Vietnamese origins, has dramatically evolved its operations from traditional...

Active Directory Security: Detecting and Mitigating WriteDacl Abuse Risks

Blue-Team

Active Directory Security: Detecting and Mitigating WriteDacl Abuse Risks

Active Directory Discretionary Access Control Lists (DACLs) serve as a fundamental security mechanism governing access to directory...

Credential Dumping via Active Directory User Comments: Risks and Mitigations

News

Credential Dumping via Active Directory User Comments: Risks and Mitigations

Active Directory (AD) credential dumping remains a significant threat, with attackers increasingly exploiting overlooked attributes like user...

Active Directory Security: Mitigating Risks from Pre-Windows 2000 Compatibility Weaknesses

Blue-Team

Active Directory Security: Mitigating Risks from Pre-Windows 2000 Compatibility Weaknesses

Legacy configurations in Active Directory (AD) often introduce security vulnerabilities, and one of the most persistent risks...

TCP Stream Analysis with Tcpick: A Security Professional’s Guide to PCAP Forensics

Blue-Team

TCP Stream Analysis with Tcpick: A Security Professional’s Guide to PCAP Forensics

Tcpick provides security teams with specialized capabilities for reconstructing and analyzing TCP streams from packet captures. This...

Extracting Image Metadata from HTTP Captures Using Tshark for Security Analysis

News

Extracting Image Metadata from HTTP Captures Using Tshark for Security Analysis

Network traffic analysis often reveals hidden artifacts, including images transferred over HTTP. These images can contain valuable...

Advanced Shodan CLI Techniques for Security Professionals: xargs, Download & Parse

News

Advanced Shodan CLI Techniques for Security Professionals: xargs, Download & Parse

Security teams at enterprise organizations can leverage Shodan’s command-line interface (CLI) to enhance external threat intelligence gathering....

Trojanized Zoom Installers Deliver Cryptocurrency Miner: Analyzing Trojan.Win32.MOOZ.THCCABO

Malware Analysis

Trojanized Zoom Installers Deliver Cryptocurrency Miner: Analyzing Trojan.Win32.MOOZ.THCCABO

A new malware campaign has been identified distributing trojanized versions of Zoom installers bundled with cryptocurrency mining...

Fake Zoom Installers Deliver Backdoor.Win32.DEVILSHADOW.THEAABO Malware

Malware Analysis

Fake Zoom Installers Deliver Backdoor.Win32.DEVILSHADOW.THEAABO Malware

A newly identified backdoor malware, Backdoor.Win32.DEVILSHADOW.THEAABO, has been discovered embedded in counterfeit Zoom installer packages. This threat...

New Mirai Botnet Variant Targets Comtrend Router Vulnerability (CVE-2020-10173)

Threat Intelligence

New Mirai Botnet Variant Targets Comtrend Router Vulnerability (CVE-2020-10173)

A newly identified Mirai botnet variant (IoT.Linux.MIRAI.VWISI) has begun exploiting CVE-2020-10173, a command injection vulnerability in Comtrend...

Backdoor.MSIL.BLADABINDI.THA: Analyzing the Persistent Windows Backdoor Threat

Malware Analysis

Backdoor.MSIL.BLADABINDI.THA: Analyzing the Persistent Windows Backdoor Threat

Backdoor.MSIL.BLADABINDI.THA represents a concerning Windows-based backdoor malware that security teams should monitor, particularly due to its recent...

Trojan.MSIL.SUPERNOVA.A: Technical Analysis of the Windows Trojan Threat

Malware Analysis

Trojan.MSIL.SUPERNOVA.A: Technical Analysis of the Windows Trojan Threat

Trojan.MSIL.SUPERNOVA.A represents a significant Windows-based threat with high damage potential despite its currently limited distribution. First identified...

Trojan.INF.HIDDENTEAR.THAOGBA: Analysis of a Low-Risk Windows Trojan with Autorun Persistence

Malware Analysis

Trojan.INF.HIDDENTEAR.THAOGBA: Analysis of a Low-Risk Windows Trojan with Autorun Persistence

Trojan.INF.HIDDENTEAR.THAOGBA is a Windows-based Trojan classified as low-risk by Trend Micro. It spreads through malicious downloads or...

Trojan.Win64.COMBACKER.YABA-A: Analyzing the Persistent Low-Risk Threat to Windows Systems

News

Trojan.Win64.COMBACKER.YABA-A: Analyzing the Persistent Low-Risk Threat to Windows Systems

Trojan.Win64.COMBACKER.YABA-A represents a persistent though low-risk threat to Windows systems, first identified in January 2021 by Trend...

Trojan.Win64.HAFNIUM.A: Technical Analysis of the Microsoft Exchange Server Threat

Threat Intelligence

Trojan.Win64.HAFNIUM.A: Technical Analysis of the Microsoft Exchange Server Threat

The Trojan.Win64.HAFNIUM.A malware represents a sophisticated threat targeting Microsoft Exchange servers, initially attributed to the Chinese state-sponsored...

RedLine Stealer Malware: Analyzing the MSIL.YXBDM Variant’s Data Theft Capabilities

Malware Analysis

RedLine Stealer Malware: Analyzing the MSIL.YXBDM Variant’s Data Theft Capabilities

TrojanSpy.MSIL.REDLINESTEALER.YXBDM represents a sophisticated information-stealing malware targeting Windows systems, first identified by Trend Micro researchers in April...

RedLine Stealer Malware: Analyzing the Persistent Data-Theft Threat Targeting Credentials

Malware Analysis

RedLine Stealer Malware: Analyzing the Persistent Data-Theft Threat Targeting Credentials

TrojanSpy.MSIL.REDLINESTEALER.YXBDN represents a sophisticated Windows-based information stealer with demonstrated capabilities in credential harvesting across multiple applications. First...

Posts pagination

Previous 1 … 11 12 13 14 15 16 17 … 19 Next

vulnerability

Critical Zero-Day Exploit in Palo Alto GlobalProtect Firewalls (CVE-2024-3400) Actively Exploited

Detecting and Mitigating CVE-2024-3400: Critical Zero-Day in Palo Alto GlobalProtect

Arcane Stealer Malware Targets Gamers via YouTube and Discord, Steals VPN Credentials

XE Group’s Cybercrime Evolution: From Credit Card Skimming to Zero-Day Exploitation

Active Directory Security: Detecting and Mitigating WriteDacl Abuse Risks

Credential Dumping via Active Directory User Comments: Risks and Mitigations

Active Directory Security: Mitigating Risks from Pre-Windows 2000 Compatibility Weaknesses

TCP Stream Analysis with Tcpick: A Security Professional’s Guide to PCAP Forensics

Extracting Image Metadata from HTTP Captures Using Tshark for Security Analysis

Advanced Shodan CLI Techniques for Security Professionals: xargs, Download & Parse

Trojanized Zoom Installers Deliver Cryptocurrency Miner: Analyzing Trojan.Win32.MOOZ.THCCABO

Fake Zoom Installers Deliver Backdoor.Win32.DEVILSHADOW.THEAABO Malware

New Mirai Botnet Variant Targets Comtrend Router Vulnerability (CVE-2020-10173)

Backdoor.MSIL.BLADABINDI.THA: Analyzing the Persistent Windows Backdoor Threat

Trojan.MSIL.SUPERNOVA.A: Technical Analysis of the Windows Trojan Threat

Trojan.INF.HIDDENTEAR.THAOGBA: Analysis of a Low-Risk Windows Trojan with Autorun Persistence

Trojan.Win64.COMBACKER.YABA-A: Analyzing the Persistent Low-Risk Threat to Windows Systems

Trojan.Win64.HAFNIUM.A: Technical Analysis of the Microsoft Exchange Server Threat

RedLine Stealer Malware: Analyzing the MSIL.YXBDM Variant’s Data Theft Capabilities

RedLine Stealer Malware: Analyzing the Persistent Data-Theft Threat Targeting Credentials

You may have missed

Russia’s Throttling of Cloudflare: Technical Impact and Security Implications

Livestreamed Child Exploitation: Technical and Legal Implications of a Disturbing Case

UNFI Cyberattack: Supply Chain Disruption and Recovery Analysis

Hawaiian Airlines Cyberattack: IT Systems Compromised, Flight Operations Unaffected