New North Korean Hackers Attack Aerospace and Defense Companies

Security researchers have uncovered a sophisticated new malware campaign likely linked to North Korean hackers, targeting aerospace and defense companies with a previously undocumented backdoor. Researchers have dubbed the campaign "Niki." It uses job description...
New Linux Variant Of RansomHub Attacking ESXi Systems

Hackers often attack ESXi systems, as they are widely used in enterprise environments to manage virtualized infrastructure, making them lucrative targets. Threat actors can exploit security flaws in ESXi to deploy ransomware and perform other...
GoRed Using DNS & ICMP Tunneling For C2 Server Communication

Hackers often abuse DNS and ICMP tunneling to covertly transmit data and bypass network security measures. Both protocols, which are often left enabled on poorly protected firewalls, can be manipulated to create hidden communication routes...
Chinese Hackers Attacking Telcos Using Espionage Tools to Steal Credentials

Chinese Hackers Attacking Telcos Using Reconnaissance Tools

A long-running espionage campaign by attackers using tools associated with Chinese hacking groups has breached multiple telecom operators in an Asian country since at least 2021, with evidence suggesting activity may date back to...
Hackers Weaponizing Vortax Meeting Software To Attack macOS Users

Threat actors leverage meeting software applications and tools to penetrate weak security loopholes, infiltrate secure settings and organizations, steal highly confidential information, and restrict organizational functions. Recorded Future's Insikt group has recently unveiled a long-term...
Hackers Using Weaponized Word Documents In QR Code Phishing Attacks

Hackers often abuse weaponized Word docs, as they can contain macros or exploit flaws in Word to run destructive code when opened by the intended victims. It enables an attacker...
Hackers Using Weaponized Cisco Webex Meetings App To Deliver Malware

An analysis of a novel information-stealing campaign details the attackers' tactics, techniques, and procedures (TTPs) throughout the attack lifecycle, using the MITRE ATT&CK framework to classify these TTPs and identify potential detection points. By examining the...
New ScriptBlock Smuggling Attack Lets Hackers Bypass PowerShell Security Logs And AMSI

Since the introduction of PowerShell v5, the application has seen less use, specifically among threat actors, penetration testers and red teamers. This is because PowerShell v5 introduced PowerShell security logging which allows...
New OPIX Ransomware Encrypting Files With Random Character String

A recently identified ransomware variant dubbed OPIX encrypts user files using a random character string and adds the ".OPIX" extension to them. The ransomware will drop a notice on victims' screens telling them to get...
Beware Of Malicious Search Results Leading To SolarMarker Malware Installation

SOC analysts identified a drive-by download attack leveraging SolarMarker malware, where the attack targeted users searching for team-building activities on Bing. Attackers tricked the victim into downloading a seemingly harmless document by redirecting the...
