Mandiant observed four unique applications targeted and exploited using CVE-2021-44228. One product that caught our attention in the...
The attack-chain starts with a phishing email. The email includes a message about some important document and has a password protected...
During Vidar infections, the initial malware retrieves legitimate DLL files hosted on the same C2 server used for data exfiltration. ...
JSSLoader is a small, very capable .NET remote access trojan (RAT). Its capabilities include data exfiltration, persistence,...
You may hear the names Cobalt Strike, BEACON, and even team server used interchangeably, but there are some important distinctions...
Security researchers investigated and attributed several intrusions to a threat cluster, believed has a nexus to the actor tracked as...
A remote code execution (RCE) vulnerability impacting Citrix ShareFile Storage Zones Controller — to compromise a Microsoft Internet...
Affected platforms: Microsoft Windows Impacted parties: 64-bit Windows Users Impact: Controls victim’s device and collects sensitive...
The malware found at the end of October 2021 by the Cleafy Threat Intelligence Team. The Cleafy blogpost stated that the main goal of...
An adversary campaign associated with COZY BEAR, was active throughout 2021 leveraging novel tactics and techniques in supply chain...
Qbot injected into many processes but one favorite in this intrusion, was Microsoft Remote Assistance (msra.exe). Within minutes of...
The Certified Cyber Incident Response Manager certification course brings Incident Response core competencies to advanced levels by...
The Cyber Security Operations Manager course brings cybersecurity core competencies to advanced levels with new concepts and traditional...
The Certified Network Forensic Analysis Manager certification course was originally developed for the U.S. government, and has now been...
The Certified Disaster Response and Recovery Manager course is a component of the career progression track that supports the required...
