Quishing Attacks on the Rise
QR code phishing, sometimes known as quishing, is a phishing technique that employs QR codes to entice victims into exposing […]
Alert Advisory: Citrix ADC Gateway RCE – CVE-2023-3519
In this blog post, we will explore the details of the Citrix ADC vulnerability, its potential consequences, and the importance of […]
Freeze – A Payload Toolkit for Bypassing EDRs using Suspended Processes
Freeze is a potent tool that makes it possible to build payloads that stealthily run shellcode and get beyond EDR […]
3CX Double Software Supply Chain Hack
A significant supply chain breach in 3CX software on March 29 resulted in malware being spread internationally across numerous industries. […]
Rogue NuGet Packages – The Rise of Supply Chain Risks
NuGet is the package manager for .NET. It enables developers to create, share, and consume useful .NET libraries. NuGet client […]
Ragnar Locker Ransomware
Ragnar Locker Ransomware is a type of malware that encrypts a victim’s files and then demands a ransom to decrypt […]
Threat Hunting Unauthorized RDP Post-Exploitation
Users of Microsoft Windows systems can access a remote desktop to administer one or more workstations and/or […]
How SBOM Plays a Key Role in CSOC
In general, 75% of codebases use open-source software, according to the 2021 Open Source Security and Risk Study report. Costs […]
Rise in ICS Vulnerabilities
Due to concerns about interoperability, high uptime requirements, and occasionally the age of devices, patching vulnerabilities in industrial contexts has […]
CVE-2023-23397 – Critical Outlook Vulnerability
On March 14th, 2023, Microsoft released patches for approximately 80 newly found security vulnerabilities. There were two zero-day attacks among […]
Managed 24×7 Cyber Threat Detection and Response in OT/ICS
Industrial Control Systems (ICS) and Operational Technology (OT) play a critical role in the functioning of essential industries such as […]
Emotet Epoch 5
The notorious Emotet malware has returned with a new tactic to evade macro-based security restrictions and infect systems. This time, […]
The Emotet Botnet Epoch4: A Highly Sophisticated and Dangerous Malware Campaign
Emotet is one of the most sophisticated and dangerous malware families currently in existence. It is a modular banking Trojan […]
Digital Risk Management – Threat Hunting for Secrets, Keys and Leaked Source Code on Github
DRM stands for the procedure of locating, evaluating, and minimizing hazards to a company’s digital assets. Background Many firms have […]
ManageEngine RCE Vulnerability (CVE-2022-47966)
A remote code execution vulnerability (CVE-2022-47966) impacting a number of Zoho ManageEngine on-premise products with SAML SSO enabled has been […]
OWASSRF Exploit – Targeting Arbitrary Code Execution on Microsoft Exchange OWA
Two zero-day vulnerabilities in Microsoft Exchange were reportedly being actively exploited on September 29, 2022, with the potential to lead […]
Detecting Rogue Devices on Enterprise Network
Organizations rely on wired networks in today’s hyperconnected environment to link devices and facilitate internal communication. However, it has become […]
Protecting VMware ESXi Hypervisors from Ransomware
One of the top platforms in the virtualization sector is VMware. Organizations can more effectively use the computing power of […]
Wi-Fi Security – Monitoring Hacking Attempts
Wired Ethernet is no longer the best option for many enterprises. The preferred network access technology for users and endpoints […]
2022 is Over But What Did We Learn From Our Work
Throughout the year, numerous new incidents and rising threats were unveiled to the horror of many. In 2022, the world […]
Why Threat Actors are Now using Rust to Develop New Ransomware?
Rust, a relatively new programming language, was introduced in 2015 and has since gained popularity for its pleasant developer experience […]
Methods to Perform Encrypted Traffic Analysis (ETA)
In addition to considerably enhancing security and user privacy, the introduction of network traffic encryption, such as TLS, has also […]
Why Compromise Assessment Should Be a Part of Your Threat Detection and Response Ecosystem
A typical compromise assessment plan uses specialized software and scripts combined with forensic data to find compromises or problems that […]
WIP19 APT Targeting Organizations in Middle East
With signed malware, a new cyberespionage group has been hitting telecom companies and IT service providers. The group, known as […]