
8 matches found

Microsoft Secure
added 2026/04/21 4:3 p.m. · 8 views

Detection strategies across cloud and identities against infiltrating IT workers

The shift to remote and hybrid work since the pandemic expanded glob...

AI score: 5.8
Exploits: 0

Hive Pro Threat Advisories
added 2023/05/18 6:46 a.m. · 12 views

MEME#4CHAN The Unconventional Phishing Campaign Spreading XWorm

Summary: A persistent cyber threat known as MEME4CHAN has emerged, characterized by an intricate phishing campaign. This cluster of malicious activity employs a distinctive attack chain methodology, successfully...

AI score: 6.9
Exploits: 0

Hive Pro Threat Advisories
added 2023/02/03 7:58 a.m. · 22 views

Headcrab malware is targeting Redis servers worldwide to mine Monero

Summary: HeadCrab is a new and severe malware that is infiltrating and residing on servers worldwide. It is a custom-made Redis-based malware that is undetectable by traditional anti-virus solutions and has...

AI score: 3.1
Exploits: 0

Wired Threat Level
added 2022/05/21 1:0 p.m. · 18 views

North Korean IT Workers Are Infiltrating Tech Companies

Plus: The Conti ransomware gang shuts down, Canada bans Huawei and ZTE, and more of the week’s top security news...

AI score: 2
Exploits: 0

Microsoft Secure
added 2021/04/09 4:31 p.m. · 49 views

Investigating a unique “form” of email delivery for IcedID malware

Microsoft threat analysts have been tracking activity where contact forms published on websites are abused to deliver malicious links to enterprises using emails with fake legal threats. The emails instruct recipients to click a link to review supposed evidence behind their allegations, but are...

AI score: 0.5
Exploits: 0

Metasploit
added 2021/02/27 5:42 p.m. · 80 views

FortiOS Path Traversal Credential Gatherer

Fortinet FortiOS versions 5.4.6 to 5.4.12, 5.6.3 to 5.6.7 and 6.0.0 to 6.0.4 are vulnerable to a path traversal vulnerability within the SSL VPN web portal which allows unauthenticated attackers to download FortiOS system files through specially crafted HTTP requests. This module exploits this...

CVSS: 9.8 · AI score: 6.8 · EPSS: 0.94473
Exploits: 21

Hacker One
added 2020/12/31 7:9 a.m. · 33 views

h1-ctf: Infiltrating into Grinch-Networks and saving Christmas!

Hi, you can find the write-up for this CTF here: https://castilho101.github.io/posts/hackerone-ctf-christmas...

AI score: 0.9
Exploits: 0

Trellix
added 2020/04/30 12:0 a.m. · 18 views

Tales From the Trenches; a Lockbit Ransomware Story

ARCHIVED STORY. By ATR Operational Intelligence Team · APR 30, 2020. Co-authored by Marc RiveroLopez. In collaboration with Northwave. As we highlighted previously across two blogs, targeted ransomware attacks have increased massively over the past...

AI score: 8
Exploits: 0