‘Sliver’ Emerges as Cobalt Strike Alternative for Malicious C2
Enterprise security teams, which over the years have honed their ability to detect the use of Cobalt Strike by adversaries, may also want to keep an eye out for "Sliver."...
An interview with initial access broker Wazawaka: ‘There is no such money anywhere as...
Editor’s Note: Last April, a ransomware group threatened to expose police informants and other sensitive information if the Washington, D.C. Metropolitan Police Department did not pay a demand.
The brazen attack...
More Bang for the Buck: Cross-Platform Ransomware Is the Next Problem
Two emerging ransomware gangs, known as RedAlert and Monster, have adopted cross-platform capabilities to make attacks easier to execute against multiple operating systems and environments. It's a shining example of a...
CISA: Just-Disclosed Palo Alto Networks Firewall Bug Under Active Exploit
The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that a high-severity security vulnerability in Palo Alto Networks firewalls is being actively exploited in the wild. The bug (CVE-2022-0028,...
Unusual Microsoft 365 Phishing Campaign Spoofs eFax Via Compromised Dynamics Voice Account
An elaborate and rather unusual phishing campaign is spoofing eFax notifications and using a compromised Dynamics 365 Customer Voice business account to lure victims into giving up their credentials...
Efficient ‘MagicWeb’ Malware Subverts AD FS Authentication, Microsoft Warns
The attackers responsible for the SolarWinds supply-chain attack have added a new arrow to their quiver of misery: A post-compromise capability dubbed MagicWeb, which is used to maintain persistent...
Thoma Bravo Buying Spree Highlights Hot Investor Interest in IAM Market
Two recent financial transactions worth billions — both involving private equity firm Thoma Bravo — have highlighted the continued and strong interest among investors and other technology vendors in...
Charming Kitten APT Wields New Scraper to Steal Email Inboxes
Iranian advanced persistent threat (APT) group Charming Kitten has a new data-scraping tool in its arsenal that claws emails from victim Gmail, Yahoo, and Microsoft Outlook accounts using previously...
One-Third of Popular PyPI Packages Mistakenly Flagged as Malicious
The scanners tasked with weeding out malicious contributions to packages distributed via the popular open source code repository Python Package Index (PyPI) create a significant number of false alerts,...
Fake DDoS Protection Alerts Distribute Dangerous RAT
Threat actors are spoofing Cloudflare DDoS bot-checks in an attempt to drop a remote-access Trojan (RAT) on systems belonging to visitors to some previously compromised WordPress websites.
Researchers from Sucuri...







