Strategies for tracking and defending against malicious activity and threats in the cloud using atomic indicators of compromise (IOCs).
Sextortion schemes are about to take a much darker turn. With the rise of Infostealer malware, the game is changing. Hackers will no longer rely on fake threats or generic scare tactics like...
Learn how DORA enhances operational resilience for financial institutions in the EU, focusing on ICT risk management, third-party oversight, and more.
Datadog Security Research has uncovered a sophisticated cryptojacking campaign targeting microservice technologies, specifically Docker and Kubernetes. The threat actors exploit exposed Docker...
Introduction Based on feedback I have received from fellow CTI researchers, incident responders, and managed detection and response teams around my Ransomware Tool Matrix project, I decided to...
Introduction Russian state-sponsored threat groups, such as Fancy Bear (APT28), Cozy Bear (APT29), Turla, and Sandworm, among others, are well-known for complex cyber-espionage operations,...
Authored by Yashvi Shah and Aayush Tyagi Executive summary McAfee Labs recently observed an infection chain where fake CAPTCHA pages... The post Behind the CAPTCHA: A Clever Gateway of Malware...
With just weeks to go before the US presidential election, the FBI and the CISA are warning about attempts to sow distrust in the electoral process
German authorities recently took down 47 cryptocurrency exchanges used by ransomware groups, money launderers, and botnet operators. Although the domains have been seized, no arrests have been...
UNC1860 is an Iranian state-sponsored threat actor, likely affiliated with Iran's Ministry of Intelligence and Security (MOIS). This group specializes in gaining persistent access to high-priority...
The author found several weird quirks and behaviors that were not useful individually. By combining all of these together, they were able to steal files on Google Slides with YouTube. Google...
Simple Serialize (SSZ) is used by Ethereum clients in the consensus protocol and in P to P communication. The SSZ soundness depends on the involutive and injective property. The involutive...
Changes to the msds-KeyCredentialLink attribute are not audited/logged with standard audit configurations. This required serious investigations and a partner firm in infosec provided us the...
Authored by Neil Tyagi In cybersecurity, threats constantly evolve, and new ways to exploit unsuspecting users are being found. One... The post Cracked Software or Cyber Trap? The Rising Danger of...
How do analyst relations professionals sort through the noise to help deliver the not-so-secret sauce for a company's success? We spoke with ESET's expert to find out.
Close detection gaps with actionable threat intelligence. Integrate diverse data sources for comprehensive visibility and proactive cybersecurity defense.
Proper disclosure of a cyber-incident can help shield your business from further financial and reputational damage, and cyber-insurers can step in to help
Fuzzing is a technique that many of us know and love. But why is it so effective? This talk aims to go through the origins of fuzzing and why it works as well as it does. The origins stem back to...
SSH has a problem where a passive observer is able to deduce some information via the metadata, which violates most cryptographic principles. By default, each keystroke is clearly identified and...
Getting the most value out of your cloud logs
Alternative relationships site says it has resolved concerns about data security that tech firm claims to have uncoveredBusiness live – latest updatesUsers of Feeld, a dating app aimed at...
ESET researchers discuss how they uncovered a zero-day Telegram for Android exploit that allowed attackers to send malicious files posing as videos
The "Marko Polo" cybercriminal group has rapidly expanded its operations, employing infostealer malware and social engineering tactics to target cryptocurrency influencers, online gaming...
On 2024-09-17, an incident was reported, involving 0ktapus, gaining initial access via Unknown, while using Create or modify firewall or security group rules, OS password reset, Create SSH...
On 2024-09-17, an incident was reported, involving 0ktapus, gaining initial access via End-user compromise, while using Vishing, MFA enrollment, Cloud API e, to achieve RansomOp.
On 2024-09-17, an incident was reported, involving an unknown actor, gaining initial access via Exposed secret, targeting GitHub to achieve Data exfiltration.
Wiz collaborates with Microsoft on the quest to make the cloud more secure for everyone.
Artificial intelligence is just a spoke in the wheel of security – an important spoke but, alas, only one
macOS calendar is paired with all of the other macOS services like Mail. The author found a bug in it to get RCE, which is terrifying. They don't just show the bug - they show how to get steal...
URLs are notoriously hard to parse. This article is a list of easy to try URL domain bypasses. This includes absolute URLs, CORS bypasses and weird host headers. The domains contain different...