Harvesting Browser Credentials: The DPAPI Exploitation Threat
Credential harvesting techniques have shifted dramatically as security controls improve around traditional attack vectors. While organizations invest heavily in protecting […]
Active Directory PKI Abuse: Detecting Privilege Escalation Through ADCS
Active Directory Certificate Services (ADCS) serves as the backbone for Public Key Infrastructure (PKI) in enterprise environments, managing digital certificates […]
How Attackers Leverage Proofpoint and Intermedia Link Wrapping for Phishing Campaigns
Email security technologies are designed to safeguard users by scanning and rewriting suspicious URLs, ensuring that malicious destinations are identified […]
Microsoft 365’s Direct Send Exploited to Bypass Defenses with Internal Phishing
Microsoft’s Direct Send functionality has emerged as a critical attack vector in sophisticated phishing operations, with threat actors exploiting the […]
Critical Cisco ISE Vulnerability Exposes Cloud Deployments to Unauthorized Access
In June 2025, Cisco disclosed a critical vulnerability in its Identity Services Engine (ISE), designated as CVE-2025-20286. This flaw has […]
AI-Powered Exfiltration Detection: Real-World Use Cases in Network Traffic Analysis
In today’s cyber threat landscape, data exfiltration is one of the most low-and-slow and damaging tactics employed by threat actors. […]
FortiGate Devices Targeted by Persistent Symlink Backdoor: Over 16,000 Devices Compromised
FortiGate devices have become a target for cybercriminals due to a critical symlink vulnerability in FortiOS. With over 16,000 devices […]
The Oracle Cloud Supply Chain Hack
Background: A major cybersecurity breach has sent shockwaves through global enterprises, as reports emerge of a massive supply chain hack […]
HawkAI – Elevating Cybersecurity with Precision Detection Rules
It is an undeniable reality that cyber threats are continually evolving, and organizations need to stay ahead to protect their […]
Weekly Threat Landscape Digest – Week 49
This week’s cybersecurity digest delves into critical vulnerabilities and emerging threat actor activities, underscoring the urgent need for proactive security […]
Weekly Threat Landscape Digest – Week 48
This week’s cybersecurity digest highlights multiple critical vulnerabilities and threat actor activities, emphasizing the importance of proactive mitigation strategies. Vulnerabilities […]
Critical Remote Code Execution Vulnerability in Palo Alto Networks PAN
On November 8, 2024, Palo Alto Networks issued a security advisory concerning a potential remote code execution (RCE) vulnerability affecting […]
Detecting and Mitigating Lateral Movement
Background: Lateral movement refers to a post-exploitation activity in which a threat actor attempts to penetrate adjacent devices. After acquiring […]
CVE-2024-9487: Critical Vulnerability Affecting GitHub Enterprise Server
Background: The most recent GitHub Enterprise Server (GHES) security update fixes three recently found vulnerabilities, one of which is a […]
Critical vulnerabilities in Palo Alto Expedition
Background: To facilitate the process of transferring configurations from different vendors to Palo Alto Networks’ PAN-OS, Expedition is an enhanced […]
October 2024 – Microsoft Patch Tuesday Highlights
Background: Microsoft’s October 2024 Patch Tuesday updates are now available. They provide essential safety enhancements that IT professionals should apply. […]
HookChain: A New Approach to Bypassing EDR Solutions
Background: Cybersecurity risks in today’s quickly changing digital environment are getting more complex and challenging to identify. As organizations strengthen […]
Critical RCE Vulnerabilities Affecting Aruba Access Points
Background: The parent company of Aruba Networks, Hewlett Packard Enterprise (HPE), issued a security bulletin on September 24, 2024, addressing […]
CVE-2024-38812: VMware vCenter Server RCE Vulnerability
Background: Two critical vulnerabilities in VMware’s vCenter Server platform were recently patched by Broadcom, with the more severe of the […]
Cicada – A new ransomware targeting VMware ESXi systems
Background: A recent ransomware-as-a-service (RaaS) campaign has swiftly targeted organizations across the globe by pretending to be the authentic Cicada […]
CVE-2024-6800: A critical authentication bypass vulnerability affects the GitHub Enterprise Server
Background: Concerns have been raised by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) over the potential exploitation of a […]
CVE-2024-40766: Critical SonicWall Firewall Vulnerability
Background: SonicWall has released a patch to address a severe vulnerability discovered in certain SonicOS-based firewall devices. The vulnerability, CVE-2024-40766 […]
CISA Warning: SolarWinds’ RCE Vulnerability Being Exploited
Background: Concerns have been raised by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) over the potential exploitation of a […]
August 2024 – Microsoft Patch Tuesday Highlights
Background: Microsoft’s August 2024 Patch Tuesday release includes security patches for 85 vulnerabilities. These are six actively exploited zero-day vulnerabilities […]