Campaign of the month

CVE-2024-38063 is a critical Remote Code Execution (RCE) vulnerability affecting the Windows TCP/IP stack systems with IPv6 enabled. This flaw allows remote code execution without […]

Master regreSSHion: Protect Your Systems from Critical Exploits RegreSSHion (CVE-2024-6387) is a severe vulnerability that grants unauthenticated attackers root privileges on vulnerable machines. This is […]

Argo CD, a popular open-source tool for managing Kubernetes applications through GitOps, has a critical security flaw. A recently discovered vulnerability, CVE-2024-31989, exposes Argo CD’s […]

Kerberos is a commonly used authentication protocol that leverages a robust ticket system to identify users. However, the system isn’t without vulnerabilities that attackers can […]

In January 2024, a critical zero-day exploit sent shockwaves through the cybersecurity landscape. Attackers targeted Ivanti products, exploiting a combination of vulnerabilities that had been […]

Kaspersky’s discovery of “Operation Triangulation”, a complex cyber-attack leveraging multiple iOS vulnerabilities, has rocked the cybersecurity landscape. This unit delves into Operation Triangulation’s attack chain, […]

Quasar is a remote administration tool that allows administrators to connect to and manage remote computers. Over the years, threat actors have modified Quasar to […]

Scattered Spider is a newly discovered threat actor that targets large players in the business enterprise sector. In September of 2023, the group launched a […]

Our latest Campaign of the Month, “APT40”, offers a deep dive into this sophisticated and malicious cyber espionage group, covering key topics and areas related […]

The Horabot botnet is a sophisticated threat that has been active for over two years, primarily focusing on targets in the Americas. It uses a […]

Over the last weeks, hundreds of organizations including 2 DOE Agencies, were impacted by ransomware attacks, as a result of the the MOVEit Transfer Vulnerability, […]

APT35 (also known as Charming Kitten, Phosphorus, Newscaster, and more) is an Iranian state-sponsored cyber-espionage group that primarily targets governmental organizations, defense contractors, research institutions, […]

In March 2023, Microsoft published a critical update notifying users of a vulnerability affecting Microsoft Outlook. This vulnerability (CVE-2023-23397) is exploitable by attackers on Windows-based […]

Only recently discovered, “Beep” malware is already making headlines in the world of cybersecurity. Designed to fly under the radar of security software with a […]

ChatGPT: The Hacker’s New Best Friend? Frequently in the news, ChatGPT has become the fastest-growing consumer application in history. The Artificial Intelligence (AI) tool is […]

Agent Tesla, a leading malware threat to organizations, has the ability to steal sensitive information and is continuing to evolve and spread. It is offered […]

AWS Lambda, one of AWS’ 200 outstanding services, is an event-driven, serverless computing platform that allows you to run code for applications and backend services […]

Multifactor Authentication (MFA) is a popular and crucial security concept used by organizations worldwide. However, it is not invulnerable. A good example of threats to […]

In early August 2022, the Vietnam-based Cybersecurity company GTSC, discovered a zero-day vulnerability in the Microsoft Exchange platform, which received the name “ProxyNotShell”. The Zero […]

Metasploit is one of the most widely used exploit frameworks globally; threat actors, penetration testers and red teams alike use it, as it is completely […]

In the never-ending war between cyber criminals and defense teams across the globe, adversaries continue to develop innovative methods to penetrate organizations. One of the […]

“Tropical Scorpius”, a group of threat actors associated with the Cuba Ransomware (aka COLDDRAW), was recently observed deploying the malware with previously undocumented tactics, techniques, […]

ChromeLoader, aka, ChoziosiLoader, is part of the browser hijacker malware family and targets both Windows and macOS. First discovered in February, it is well-known in […]

Over the past few months, reports about Magniber ransomware infections have been increasing worldwide. Social engineering methods for delivering Magniber have become increasingly sophisticated over […]

On May 19th, 2022, a malware sample uploaded to VirusTotal containing malicious payload, Brute Ratel C4, went undetected by all 56 antiviruses that evaluated it. […]

BluStealer, first detected in May 2021 by Twitter user James_inthe_box, is an information-stealing malware with the ability to steal cyrpto wallet data, swap crypto addresses […]

Matanbuchus is a malware-as-a-service that first surfaced back in 2021 but has since resurfaced; threat researchers recently discovered a malicious phishing campaign that spreads the […]

Intezer and the BlackBerry Research and Intelligence Team recently published their comprehensive research on Symbiote, a highly evasive Linux malware. Appropriately named after the biological […]

Conti is a ransomware-as-a-service program and is one of the most prolific ransomwares of the past year. In what is believed to have been an […]

Out of over 200 teams, BCC Grupo Cajamar’s cyber defense team, “Blue’s Boys”, was one of only 13 teams to make it to the finals. […]

And the next stop is – root privileges! Microsoft has recently discovered several vulnerabilities, collectively referred to as Nimbuspwn. This lethal combination could allow an […]

Microsoft’s recently discovered vulnerabilities, collectively referred to as ‘Nimbuspwn’, could allow attackers to elevate privileges to root level privileges (the highest level privileges e.g., administrator) […]

The malware of many tricks and no treats In 2016, the threat group Wizard Spider developed TrickBot – a highly modular banking trojan believed to […]