The Rise of IPFS Phishing
Phishing attacks are still one of the most prevalent methods for threat actors to get access, and they pose a […]
DCSync Attacks Explained
Once an attacker gets access to a Windows endpoint, they can access credentials saved in clear text or as a […]
North Korean Attacks Exploiting JetBrains TeamCity Vulnerability
More than 30,000 clients worldwide use JetBrains’ TeamCity continuous integration and continuous deployment (CI/CD) server. Background: The program can be […]
With Unique Implants, A New ShroudedSnooper Actor Targets Middle Eastern Telecom Companies
State-sponsored actors and highly skilled adversaries have frequently targeted telecommunications businesses worldwide in recent years. Background: The great majority of […]
CVE-2023-34039: Critical Authentication Bypass Vulnerability in VMware Aria Operations for Networks
The VMware Aria management and monitoring package provides full-scope operations management, IT automation, log management, analytics creation, network visibility, and […]
Evidence Leads to Lazarus as the VMConnect Supply Chain Attack Continues
Recently, Sonatype and Reversing Labs analyzed the fraudulent PyPI package ‘VMConnect,’ developed to imitate the authentic VMware vSphere connector module […]