Mandiant recommends threat-hunting steps to detect COSMICENERGY despite no confirmed attacks in the wild.
Stories by Lucian Constantin
Attackers have several ways to enable lateral movement within a network via a compromised Teams account.
Research shows a shift toward advanced persistent threat actors compromising smaller organisations, in part to enable other attacks.
The malicious packages have been downloaded hundreds of times, but the long-term impact is unknown.
Some of the vulnerabilities could lead to complete compromise of the device as a proof of concept is publicly available.
The RA Group uses double extortion and has detailed information on its victims.
The group targets multinational firms using email display name spoofing and multiple fake personas.
Microsoft rates the new Outlook vulnerability as medium severity, but Akamai researchers say it should be higher.
New SSRF vulnerabilities highlight the weaknesses of using blacklisting techniques as a defense mechanism.
The CACTUS cybercriminal group targets VPN appliances for initial access and to install a backdoor.
New research shows that up to half of all HTML email attachments are malicious, and not just because of a few massive campaigns.
At least two Veeam instances have been compromised, possibly using a vulnerability patched in March.
A cyberespionage group believed to be associated with the Iranian government has been infecting Microsoft Exchange Servers with a new malware implant dubbed BellaCiao that acts as a dropper for additional payloads.
A vulnerability in the Service Location Protocol on internet-connected devices could create a DDoS amplification factor of up to 2200X.
Left unmitigated, the vulnerabilities could lead to unauthorised remote access, denial of service attacks, or privilege escalation.