Russia’s APT28 Launches Nuke-Themed Follina Exploit Campaign
Researchers have spotted the threat group, also known as Fancy Bear and Sofacy, using the Windows MSDT vulnerability to distribute…
Russian govt hackers hit Ukraine with Cobalt Strike, CredoMap malware
The Ukrainian Computer Emergency Response Team (CERT) is warning that Russian hacking groups are exploiting the Follina code execution vulnerability…
New DFSCoerce NTLM Relay attack allows Windows domain takeover
A new Windows NTLM relay attack called DFSCoerce has been discovered that uses MS-DFSNM, Microsoft's Distributed File System, to completely…
What We Mean When We Talk About Cyber Insurance
Cyber insurance is more than a policy for paying off ransomware gangs. It's designed to be something you transfer risk…
Cisco Secure Email bug can let attackers bypass authentication
Cisco notified customers this week to patch a critical vulnerability that could allow attackers to bypass authentication and login into…
Zimbra bug allows stealing email logins with no user interaction
Zimbra and SonarSource proceeded to the coordinated disclosure of a high-severity vulnerability that allows unauthenticated attackers to steal cleartext credentials…
Threat Intelligence: Cyber and Electromagnetic Activities (CEMA) with Software-Defined Radio (SDR)
By Brendon McHugh, FAE & Technical Writer, Per Vices Under the umbrella term Cyber and Electromagnetic Activities (CEMA), […] The…
Microsoft patches actively exploited Follina Windows zero-day
Microsoft has released security updates with the June 2022 cumulative Windows Updates to address a critical Windows zero-day vulnerability known…
Microsoft June 2022 Patch Tuesday fixes 1 zero-day, 55 flaws
Today is Microsoft's June 2022 Patch Tuesday, and with it comes fixes for 55 vulnerabilities, including fixes for the Windows…
Metasploit 6.2.0 improves credential theft, SMB support features, more
​Metasploit 6.2.0 has been released with 138 new modules, 148 new improvements/features, and 156 bug fixes since version 6.1.0 was…