Overview Proofpoint has identified a cluster of activity using Microsoft OAuth application creation and redirects that lead to malicious URLs enabling credential phishing. The fake Microsoft 365 a...
Microsoft Threat Intelligence has uncovered a cyberespionage campaign by the Russian state actor we track as Secret Blizzard that has been targeting embassies located in Moscow using an adversary-i...
Introduction Over the last five years, the Democratic People’s Republic of Korea (DPRK) has transitioned from smash-and-grab cryptocurrency raids to a more covert, scalable model of economic warfar...
Bitdefender cybersecurity experts discovered serious vulnerabilities in Dahua smart cameras that could have allowed hackers to take full control of the devices remotely. Fortunately, the vulnerabil...
Key Findings Check Point Research (CPR) conducted a focused analysis of Storm-2603, a threat actor associated with recent ToolShell exploitations, together with other Chinese APT groups. Storm-260...
Key Takeaways APT36 has expanded its focus to include Indian railway systems, oil and gas infrastructure, and the Ministry of External Affairs. They use .desktop files disguised as PDF docume...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2024-45515 n/a - n/a An iss...
Key Takeaways From This Blog Initial access can be physical and extremely low-profile, evading most traditional defenses. Memory and network forensics were the only effective techniques in det...
A wave of data breaches impacting companies like Qantas, Allianz Life, LVMH, and Adidas has been linked to the ShinyHunters extortion group, which has been using voice phishing attacks to steal dat...
Fraudsters are flooding Discord and other social media platforms with ads for hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with...
Security researchers may have discovered a reliable hosting company run by Qwins Ltd. that supports a broad range of international malware operations in a recent analysis resulting from standard fo...
Key takeaways Threat actors are exploiting Microsoft 365’s Direct Send feature to deliver phishing emails that appear to originate from within the organization, undermining internal trust, and inc...
In the latter half of 2024, the Russian IT industry, alongside a number of entities in other countries, experienced a notable cyberattack. The attackers employed a range of malicious techniques to ...
Executive Summary Sentinel Labs identified 10+ patents for highly intrusive forensics and data collection technologies that were registered by companies named in U.S. indictments as working on beh...
Executive Summary Over the past few months, our zLabs team has been actively tracking a sophisticated banker trojan strain that has rapidly evolved in both its distribution methods and capabilitie...
Anubis and the Death of Data: A New Era of Ransomware Operations Ransomware trends and the emergence of Anubis. Ransomware activity continues to increase, and Bitsight data illustrates the scale ...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2024-42651 n/a - n/a NanoMQ...
Singapore’s critical infrastructure faces an escalating cyber threat from UNC3886, a sophisticated Chinese state-linked Advanced Persistent Threat (APT) group that has been systematically targeting...
Vulnerabilities in AEM Forms The Searchlight Cyber Research Team discovered and disclosed three critical vulnerabilities in Adobe Experience Manager Forms to Adobe in late April 2025. As of writing...
The flaw, tracked as CVE-2023-2533, is described as a high-severity cross-site request forgery (CSRF) issue that, under certain conditions, allows attackers to modify security settings or execute a...