APT actors are exploiting a recently-discovered flaw in ManageEngine’s self-service password management product.
Kimsuky, the North Korean threat actor active since 2012, is still targeting the South Korean government. We take a look at the phishing infrastructure and command and control mechanisms of this APT.
The North Korean APT uses a clever technique to bypass security products by embedding one of its payload as a BMP image.
The ProxyLogon vulnerability in Microsoft Exchange has moved from an Advanced Persistent Threat to cybercrime’s new toy in record time.
On Lock and Code, we talk to Eva Galperin, director of cybersecurity for EFF, about the importance of defending online anonymity and speech.
Possibly the largest hacking operation of 2020 was just unveiled. In this blog we share what we know and what you should do right now.
As expected, this Iranian APT set up a new campaign to target universities around the world when schools and universities went back.
We discovered a new attack that injected its payload—dubbed “Kraken—into the Windows Error Reporting (WER) service as a defense evasion mechanism.
This week on Lock and Code, we talk to Pieter Arntz, malware intelligence researcher for Malwarebytes, about Google Chrome extensions.