The TA428 group has been successful by targeting known vulnerabilities and using known detection evasion techniques.
The investigation shows not only the indicators of compromise but also the reasons why the Log4j vulnerability will persist indefinitely.
The sophisticated rootkit malware infects system firmware to avoid detection and has claimed victims in China, Iran, Vietnam and Russia.
At least one model of GPS tracking devices made by Chinese firm MiCODUS "lacks basic security protections needed to protect users from serious security issues".
Unlike other speculative execution attacks like Spectre, Retbleed exploits return instructions rather than indirect jumps or calls.
State-affiliated APT groups seek sensitive information and try to learn story sources by targeting journalists' email and social media accounts.
The phishing web pages that this adversary-in-the-middle phishing campaign uses act as a proxy and pull content from the legitimate Office 365 login page.
APT group's use of a legitimate pen-testing tool gives them stealth capabilities, allowing them to avoid detection by EDR and antivirus tools.
The ZuoRAT remote access Trojan malware can compromise multiple router brands and likely has been active for years.
Criminal use of the LockBit ransomware as a service is growing rapidly thanks to updates to the malware and the decline of other ransomware gangs.
A new research project from OT:ICEFALL has uncovered 56 vulnerabilities in operational technology (OT) devices from 10 different vendors.
Researchers from Kaspersky Lab have published an analysis of a previously undocumented APT group that they have dubbed ToddyCat.
A proof-of-concept exploit could make Office 365 or Microsoft 365 documents stored on OneDrive or SharePoint inaccessible.
Researchers warn of a new worm that's infecting Linux servers by brute-forcing and stealing SSH credentials.
Researchers have come across a stealthy Linux backdoor that uses sophisticated techniques to hide itself on compromised servers and steal credentials.