Patchwork APT caught in its own web
The Patchwork APT, an Indian group targeting Pakistan exposes themselves with their own RAT
Patch now! FatPipe VPN zero-day actively exploited
The FBI has revealed that APT actors have been abusing a zero-day in FatPipe’s MPVPN, WARP, and IPVPN products since May.
A multi-stage PowerShell based attack targets Kazakhstan
We uncover a new attack delivered via a number of PowerShell scripts to deploy Cobalt Strike.
FBI and CISA warn of APT groups exploiting ADSelfService Plus
APT actors are exploiting a recently-discovered flaw in ManageEngine’s self-service password management product.
Kimsuky APT continues to target South Korean government using AppleSeed backdoor
Kimsuky, the North Korean threat actor active since 2012, is still targeting the South Korean government. We take a look at the phishing infrastructure and command and control mechanisms of this APT.
Lazarus APT conceals malicious code within BMP image to drop its RAT
The North Korean APT uses a clever technique to bypass security products by embedding one of its payload as a BMP image.
Microsoft Exchange attacks cause panic as criminals go shell collecting
The ProxyLogon vulnerability in Microsoft Exchange has moved from an Advanced Persistent Threat to cybercrime’s new toy in record time.
Defending online anonymity and speech with Eva Galperin: Lock and Code S02E03
On Lock and Code, we talk to Eva Galperin, director of cybersecurity for EFF, about the importance of defending online anonymity and speech.
SolarWinds advanced cyberattack: What happened and what to do now
Possibly the largest hacking operation of 2020 was just unveiled. In this blog we share what we know and what you should do right now.
Silent Librarian APT right on schedule for 20/21 academic year
As expected, this Iranian APT set up a new campaign to target universities around the world when schools and universities went back.
