Generative Data Intelligence

Tag: Post-exploitation

Threat Actors Team Up for Post-Holiday Phishing Email Surge

Last week, two different threat actors teamed up to send thousands of post-holiday-break phishing emails destined for North American organizations. Other than volume, the campaign...

Top News

Web Shells Gain Sophistication for Stealth, Persistence

Web shells, a common type of post-exploitation tool that provides an easy-to-use interface through which to issue commands to a compromised server, have become increasingly...

Gootloader Aims Malicious, Custom Bot Army at Enterprise Networks

The Gootloader Group, previously known only as an initial access broker (IAB) and malware operator, has unleashed a destructive new post-compromise tool, GootBot, which...

As Citrix Urges Its Clients to Patch, Researchers Release an Exploit

A critical security update is now available for the latest high-profile Citrix NetScaler vulnerability. But so is an exploit. And in some cases, the...

Stealth Falcon preying over Middle Eastern skies with Deadglyph

For years, the Middle East has maintained its reputation as a fertile ground for advanced persistent threats (APTs). In the midst of routine monitoring...

Sponsor with batch-filed whiskers: Ballistic Bobcat’s scan and strike backdoor

ESET researchers discovered a Ballistic Bobcat campaign targeting various entities in Brazil, Israel, and the United Arab Emirates, using a novel backdoor we have...

‘Whiffy Recon’ Malware Transmits Device Location Every 60 Seconds

Researchers have uncovered the "Whiffy Recon" malware being deployed by the SmokeLoader botnet, which is a customized Wi-Fi scanning executable for Windows systems that...

Banks In Attackers’ Crosshairs, Via Open Source Software Supply Chain

In two separate incidents, threat actors recently tried to introduce malware into the software development environment at two different banks via poisoned packages on...

Microsoft Azure VMs Hijacked in Cloud Cyberattack

A threat actor known for targeting Microsoft cloud environments now is employing the serial console feature on Azure virtual machines (VMs) to hijack the...

Attackers Abuse PaperCut RCE Flaws to Take Over Enterprise Print Servers

Security researchers have revealed new details about how attackers are exploiting two flaws in the PaperCut enterprise print management system — used by more...

Microsoft, Fortra & Health-ISAC Team Up to Remove Illicit Cobalt Strike Tools

Microsoft's Digital Crimes Unit (DCU), security software vendor Fortra, and the Health Information Sharing and Analysis Center (Health-ISAC), have joined forces to remove cracked...

Okta Post-Exploitation Method Exposes User Passwords

A post-exploitation attack method has been uncovered that allows adversaries to read cleartext user passwords for Okta, the identity access and management (IAM) provider...

MagicWeb Mystery Highlights Nobelium Attacker’s Sophistication

Microsoft has tracked down a sophisticated authentication bypass for Active Directory Federated Services (AD FS), pioneered by the Russia-linked Nobelium group. The malware that allowed...
