Alert Advisory: Supply Chain Attack by Iran’s APT34 Targets the UAE
An Iranian threat group called OilRig typically targets businesses in the Middle East involved in various industries. Still, it has […]
PhishForce: In-the-wild Phishing of Facebook Accounts Using a Vulnerability in Salesforce’s Email Services
We have been subjected to fraudulent emails from the early days of the internet, from intrusive spam to highly targeted […]
Monitoring USB Usages in OT Environments
Industrial control systems are vital infrastructures that need strict security protocols, particularly those that operate in operational technology (OT) environments. […]
A Sneaky Cross-Platform Threat Targeting Redis Server: P2PInfect Worm
Unit 42 cloud researchers discovered a new peer-to-peer (P2P) worm on July 11, 2023, which they have named P2PInfect. Background: […]
Silentbob: A New Campaign by Team TNT Attacking Cloud Environments
The infrastructure of many organizations has included cloud computing in recent years due to its multiple advantages in terms of […]
Merdoor – A Custom Backdoor Used by Lancefly APT to Target Government Organizations
Recent observations show the use of a unique Merdoor backdoor by a hacking group known as Lancefly APT to attack […]
Alert Advisory: Analysis of the Microsoft Storm-0558 SaaS Breach
The operators of Storm-0558 stole a Microsoft account (MSA) consumer signing key to forge tokens for Azure Active Directory (AD) […]
Quishing Attacks on the Rise
The phishing technique known as QR code phishing, or quishing, employs QR codes to entice victims into exposing […]
Alert Advisory: Citrix ADC Gateway RCE – CVE-2023-3519
In this blog post, we will explore the details of the Citrix ADC vulnerability, its potential consequences, and the importance of […]
Freeze – A Payload Toolkit for Bypassing EDRs using Suspended Processes
Freeze is a potent tool that makes it possible to build payloads that stealthily run shellcode and get beyond EDR […]
3CX Double Software Supply Chain Hack
A significant supply chain breach in 3CX software on March 29 resulted in malware being spread internationally across numerous industries. […]
Rogue NuGet Packages – The Rise of Supply Chain Risks
NuGet is the package manager for .NET. It enables developers to create, share, and consume useful .NET libraries. NuGet client […]
Ragnar Locker Ransomware
Ragnar Locker Ransomware is a type of malware that encrypts a victim’s files and then demands a ransom to decrypt […]
Threat Hunting Unauthorized RDP Post-Exploitation
Users of Microsoft Windows systems can use Remote Desktop to access systems remotely and administer one or more workstations and/or […]
How SBOM Plays a Key Role in CSOC
In general, 75% of codebases use open-source software, according to the 2021 Open Source Security and Risk Study report. Costs […]
Rise in ICS Vulnerabilities
Due to concerns about interoperability, high uptime requirements, and occasionally the age of devices, patching vulnerabilities in industrial contexts has […]
CVE-2023-23397 – Critical Outlook Vulnerability
On March 14th, 2023, Microsoft released patches for approximately 80 newly found security vulnerabilities. There were two zero-day attacks among […]
Managed 24×7 Cyber Threat Detection and Response in OT/ICS
Industrial Control Systems (ICS) and Operational Technology (OT) play a critical role in the functioning of essential industries such as […]
Digital Risk Management – Threat Hunting for Secrets, Keys and Leaked Source Code on Github
DRM refers to the procedure of locating, evaluating, and minimizing hazards to a company’s digital assets. Background: Many firms have […]
ManageEngine RCE Vulnerability (CVE-2022-47966)
A remote code execution vulnerability (CVE-2022-47966) impacting a number of Zoho ManageEngine on-premise products with SAML SSO enabled has been […]
OWASSRF Exploit – Targeting Arbitrary Code Execution on Microsoft Exchange OWA
Two zero-day vulnerabilities in Microsoft Exchange were reportedly being actively exploited on September 29, 2022, with the potential to lead […]
Detecting Rogue Devices on Enterprise Network
Organizations rely on wired networks in today’s hyperconnected environment to link devices and facilitate internal communication. However, it has become […]
Protecting VMware ESXi Hypervisors from Ransomware
One of the top platforms in the virtualization sector is VMware. Organizations can more effectively use the computing power of […]
Wi-Fi Security – Monitoring Hacking Attempts
Wired Ethernet is no longer the best option for many enterprises. The preferred network access technology for users and endpoints […]