Blog
Ukrainian State Agencies Targeted with Open-Source Malware MerlinAgent
In early August, an unidentified threat actor tracked as UAC-0154 sent malicious emails to its targets, purportedly containing security tips from Ukraine's computer emergency response team (CERT-UA).
Ukrainian State Agencies Targeted with Open-Source Malware MerlinAgent
In early August, an unidentified threat actor tracked as UAC-0154 sent malicious emails to its targets, purportedly containing security tips from Ukraine's computer emergency response team (CERT-UA).
QakBot Malware Operators Expand C2 Network with 15 New Servers
The operators associated with the QakBot (aka QBot) malware have set up 15 new command-and-control (C2) servers as of late June 2023. The findings are a continuation of the malware's infrastructure analysis from Team Cymru, and arrive a little over two months after...
Hackers Increasingly Abuse Cloudflare Tunnels for Stealthy Connections
Cloudflare Tunnels provide a range of access controls, gateway configurations, team management, and user analytics, giving users a high degree of control over the tunnel and the exposed compromised services.
New Threat Actor Targets Bulgaria, China, Vietnam, and Other Countries With Customized Yashma Ransomware
The threat actor behind this operation uses an uncommon technique of downloading the ransom note from a GitHub repository, evading detection by embedding it in an embedded batch file.
Hackers Abusing Cloudflare Tunnels for Covert Communications
New research has revealed that threat actors are abusing Cloudflare Tunnels to establish covert communication channels from compromised hosts and retain persistent access. "Cloudflared is functionally very similar to ngrok," Nic Finn, a senior threat intelligence...
Invisible Ad Fraud Campaign Targets South Korean Android Users
The discovery by McAfee’s Mobile Research Team shed light on a trend where certain apps distributed through Google Play discreetly load ads while the user’s device screen is turned off.
CISA Unveils Cybersecurity Strategic Plan for Next Three Years
The Cybersecurity Strategic Plan for fiscal years 2024-2026 outlines the agency’s plans for achieving a future where damaging cyberattacks are rare, organizations are resilient, and technology is secure by design.
North Korean Hackers Compromise Sanctioned Russian Missile Engineering Company
A recent investigation by cybersecurity firm SentinelLabs has revealed that North Korean hackers have targeted a Russian missile engineering organization called NPO Mashinostroyeniya.
Understanding Active Directory Attack Paths to Improve Security
Introduced in 1999, Microsoft Active Directory is the default identity and access management service in Windows networks, responsible for assigning and enforcing security policies for all network endpoints. With it, users can access various resources across networks....
FREE GUIDE