October 2024 – Microsoft Patch Tuesday Highlights
Background Microsoft’s October 2024 Patch Tuesday updates are now available. They provide essential security fixes that IT professionals should apply. […]
September 2024 – Microsoft Patch Tuesday Highlights
Background Microsoft’s September 2024 Patch Tuesday rollout includes security patches for 79 vulnerabilities. Among these are four zero-days that are […]
New Malware Masquerades as Palo Alto VPN Targeting Middle East Organizations
Background Threat actors are targeting Middle Eastern enterprises with malware masquerading as the legitimate Palo Alto Networks GlobalProtect VPN client, which can steal […]
Polyfill Supply Chain Attack
The popular JavaScript library and service Polyfill.io allows outdated browsers that lack newer browser APIs or JavaScript features to […]
CVE-2024-4985: GitHub Enterprise Server Authentication Bypass Vulnerability
GitHub Enterprise Server is a self-hosted platform that facilitates software development, scaling, and delivery for enterprises. For businesses needing greater […]
Latrodectus: A New Malware Emerges in Phishing Campaigns
Key Points Latrodectus, an evolution of the IcedID loader, has been observed in malicious email campaigns since November 2023. Researchers at […]
Evidence Leads to Lazarus as the VMConnect Supply Chain Attack Continues
Recently, Sonatype and ReversingLabs analyzed the fraudulent PyPI package ‘VMConnect,’ built to imitate the legitimate VMware vSphere connector module […]
A Sneaky Cross-Platform Threat Targeting Redis Server: P2PInfect Worm
Unit 42 cloud researchers discovered a new peer-to-peer (P2P) worm on July 11, 2023, which they have named P2PInfect. Background: […]
Merdoor – A Custom Backdoor Used by Lancefly APT to Target Government Organizations
Recent observations show a hacking group known as Lancefly APT using a custom backdoor, Merdoor, to attack […]
Freeze – A Payload Toolkit for Bypassing EDRs using Suspended Processes
Freeze is a payload toolkit for building payloads that stealthily execute shellcode and evade EDR […]
Rogue NuGet Packages – The Rise of Supply Chain Risks
NuGet is the package manager for .NET. It enables developers to create, share, and consume useful .NET libraries. NuGet client […]
Emotet Epoch 5
The notorious Emotet malware has returned with a new tactic to evade macro-based security restrictions and infect systems. This time, […]
The Emotet Botnet Epoch4: A Highly Sophisticated and Dangerous Malware Campaign
Emotet is one of the most sophisticated and dangerous malware families currently in existence. It is a modular banking Trojan […]
Ursnif/Gozi Malware Evolution and Associated IoC
Gozi is a powerful malware family with a wide range of capabilities. It began as a basic banking […]
An overview of FIN11 and their motivations
FIN11, a financially motivated threat group, has run some of the most extensive and longest-running malware distribution campaigns. Researchers have […]
Malware Evasion Techniques and Recommendations for Threat Protection
Malware evasion techniques are widely used to defeat detection, analysis, and understanding. Because sandboxes are now […]
ToddyCat APT
ToddyCat, a relatively new Chinese-speaking advanced persistent threat (APT), has been targeting and exploiting vulnerable Exchange Servers throughout Europe and […]
Wiper Malware – What is it and How to Detect?
Among the many malware types and strains, the most disruptive besides ransomware may be wiper malware. […]