Niccolo Arboleda | Guest Author. Niccolo Arboleda is a cybersecurity enthusiast and student at the University of Toronto. He is usually found in his home lab studying different cybersecurity […]
Researchers investigated a series of ransomware attacks by the TargetCompany ransomware group targeting poorly managed MS-SQL servers. This group primarily installs Mallox ransomware, with recent...
Authored by Yashvi Shah, Lakshya Mathur and Preksha Saxena McAfee Labs has recently uncovered a novel infection chain associated with... The post The Darkgate Menace: Leveraging Autohotkey &...
Key Takeaways In August 2023, we observed an intrusion that started with a phishing campaign using PrometheusTDS to distribute IcedID. IcedID dropped and executed a Cobalt Strike beacon, which was...
TL;DRIn this blog post I explain how reply URLs in Azure Applications can be used as a vector for phishing. The impact of this can range from data leaks to complete tenant takeover; just by luring...
Authored by Willem Zeeman and Yun Zheng Hu This blog is part of a series written by various Dutch cyber security firms that have collaborated on the Cactus ransomware group, which exploits Qlik...
Detect and mitigate CVE-2024-4040, a critical vulnerability in CrushFTP exploited in the wild. Organizations should patch urgently.
Hedgey Finance is a token vesting and locking tool. I linked one article but I also like the Rekt News article. During a campaign creation, the user transfers the locked tokens to a smart contract...
Cisco reported two zero-day vulnerabilities in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls that have been exploited by a state-backed hacking group known as...
Ensure that your Kubernetes environments are secure and follow OWASP's Kubernetes Top 10 framework. Generate reports quickly and easily and remediate any issues with actionable insights.
In part 2 of this series, discover where practitioners share during CTI collaboration - from peer to peer trust groups to paid memberships.
Introduction Decrypting Fortinet’s FortiGate FortiOS firmware is a topic that has been thoroughly covered, in part because of the many variants and permutations of FortiOS firmware, all differing...
Gains is a leverage-trading platform. In particular, users can provide a small amount of funds yet still gain high exposure to a given asset. The leverage portion allows for gains or losses of...
Accounts with stored payment information went for as little as $0.50 each.
On 2024-04-19, an incident was reported involving UNC5221, which gained initial access via a 1-day vulnerability and used session hijacking and webshell deployment, targeting Ivanti Connect Secure VPN...
If you have been doing internal assessments on Active Directory infrastructure you may have heard the following words: “Null session”, “Guest session” and “Anonymous session”. These words describe...
Wiz announces its Runtime Sensor for Linux, expanding coverage of threat detection and response for cloud workloads.
Authored by Mohansundaram M and Neil Tyagi A new packed variant of the Redline Stealer trojan was observed in the... The post Redline Stealer: A Novel Approach appeared first on McAfee Blog.
April 17, 2024. In 2023, ad-displaying trojans were the most common Android threats. Compared with the year prior, spyware trojans were less active and ranked second in terms of the number of times...
Researchers observed attackers exploiting critical vulnerabilities in the OpenMetadata platform to infiltrate Kubernetes environments for cryptomining. OpenMetadata, an open-source platform for...
While fuzzing the Global Protect firewall, they noticed some interesting behavior in the logs. If they attached a semicolon to the SESSID parameter, some strange logs showed up - failed to...
Apache Allura is used by many popular products. It is a site that manages source code, bug reports, discussions and many other things. SourceForge uses this under the hood. Within the discussion...
Many point of sale (POS) devices are moving towards Android-based systems instead of obscure custom-made platforms. The authors of this post decided to review the PAX POS system for vulnerabilities....
Wiz introduces AI-remediation steps powered by Amazon Bedrock to empower customers to remediate risks quickly.
Microsoft continues to get a free pass after series of cybersecurity failures.
New features, security updates, and Linux support are all on a long to-do list.
On 2024-04-14, an incident was reported involving an unknown actor gaining initial access via a 1-day vulnerability, with unknown impact.
In the Cosmos ecosystem, there is a cross-chain communication framework called Inter-Blockchain Communication, or IBC for short. On top of IBC, there is a middleware called Packet Forwarding Module...
Preventing the replay of previous transactions is important for the security of Solana and most blockchain systems. The obvious way would be to check if a signature had already been seen. However,...
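The replay check the snippet above calls "the obvious way", as an added example that is not part of the original post or of Solana's code: a guard that remembers every accepted signature, beside a bounded variant that only remembers signatures referencing one of the last N blockhashes and rejects anything older. The transaction model, the digest-based "signature", and the assumption that the bounded variant resembles Solana's recent-blockhash expiry are all assumptions for illustration; the page's own explanation is cut off before it says what Solana actually does.

```python
import hashlib
from collections import OrderedDict


def tx_signature(payload: bytes, blockhash: bytes) -> bytes:
    """Constructed stand-in for a transaction signature.

    Real Solana transactions carry ed25519 signatures over a message that
    includes a recent blockhash; here a SHA-256 digest over payload+blockhash
    plays that role (assumption: not the real wire format). Binding the
    blockhash into the signed bytes is what makes a signature specific to a
    time window rather than replayable forever.
    """
    return hashlib.sha256(payload + blockhash).digest()


class NaiveReplayGuard:
    """The obvious approach: remember every signature ever accepted.

    Correct, but the set grows without bound for the lifetime of the chain.
    """

    def __init__(self) -> None:
        self.seen: set[bytes] = set()

    def accept(self, sig: bytes) -> bool:
        if sig in self.seen:
            return False  # replay
        self.seen.add(sig)
        return True


class WindowedReplayGuard:
    """Bounded variant: only signatures referencing one of the last
    `max_age` blockhashes are considered at all.

    Each blockhash owns its own seen-set; when a blockhash falls out of the
    window its whole bucket is dropped, so memory is proportional to the
    window, not to chain history. A transaction referencing an expired
    blockhash cannot be replayed because it is rejected before the seen-set
    is even consulted. (Assumption: this mirrors the recent-blockhash
    expiry Solana uses; the page does not say so.)
    """

    def __init__(self, max_age: int) -> None:
        self.max_age = max_age
        self.recent: "OrderedDict[bytes, set[bytes]]" = OrderedDict()

    def advance(self, blockhash: bytes) -> None:
        """Record a newly produced blockhash and evict the oldest ones."""
        self.recent[blockhash] = set()
        while len(self.recent) > self.max_age:
            self.recent.popitem(last=False)  # FIFO eviction

    def accept(self, blockhash: bytes, sig: bytes) -> str:
        bucket = self.recent.get(blockhash)
        if bucket is None:
            return "expired"  # too old (or never seen): reject outright
        if sig in bucket:
            return "replay"
        bucket.add(sig)
        return "ok"


def demo() -> dict:
    """Run both guards over constructed transactions and return the verdicts."""
    payload = b"transfer 5 SOL to attacker"  # constructed sample input
    h1, h2, h3 = b"blockhash-1", b"blockhash-2", b"blockhash-3"

    naive = NaiveReplayGuard()
    sig = tx_signature(payload, h1)
    naive_first = naive.accept(sig)
    naive_second = naive.accept(sig)  # same bytes resubmitted

    windowed = WindowedReplayGuard(max_age=2)
    windowed.advance(h1)
    windowed.advance(h2)
    windowed.advance(h3)  # h1 is now evicted from the window

    return {
        "naive_first": naive_first,
        "naive_second": naive_second,
        "old_blockhash": windowed.accept(h1, tx_signature(payload, h1)),
        "fresh": windowed.accept(h3, tx_signature(payload, h3)),
        "replayed": windowed.accept(h3, tx_signature(payload, h3)),
        "window_size": len(windowed.recent),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The windowed guard trades a small loss of liveness (a transaction signed against a stale blockhash must be re-signed) for bounded state; the naive guard never forgets, which is exactly the property that makes it impractical at chain scale.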