Threat Overview FortiGuard Labs has published a comprehensive threat report on security incident response, providing insights and recommendations for organizations to improve their response capabilities. Published on 2025-01-15, the report titled "PSIRT | FortiGuard Labs" highlights
Month: January 2025
Threat Report: fasthttp Used in New Bruteforce Campaign
Threat Overview SpearTip has published a report detailing a new brute-force campaign leveraging the fasthttp library to gain unauthorized access to accounts. The campaign targets Azure Active Directory Graph API, resulting in a high volume of
Threat Report: Deep Dive Into Linux Rootkit Malware
Threat Overview A recent threat report published by AlienVault provides insights into a malicious Linux rootkit malware that has been used to compromise CentOS systems. The report, titled "Deep Dive Into a Linux Rootkit Malware", highlights
SOC Threat Report: Infostealer LummaC2 Exploits Fake CAPTCHA Verification Pages
Threat Overview Cyber threat actors continue to evolve their tactics, techniques, and procedures (TTPs) to evade detection and maximize impact. A recent threat report published by AlienVault on January 13, 2025, highlights a new distribution method
Threat Report: Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
Threat Overview A recent threat report published by AlienVault on January 10, 2025, has brought to light a new information stealing malware attack leveraging a fake proof-of-concept exploit for the LDAPNightmare vulnerability (CVE-2024-49113). This attack highlights
Threat Report: Examining Redtail – Advanced Cryptocurrency Mining Malware
Threat Overview A recent threat report published by AlienVault, titled "Examining Redtail: Analyzing a Sophisticated Cryptomining Malware and its Advanced Tactics", highlights the growing sophistication of cryptocurrency mining malware. The report analyzes Redtail, a stealthy cryptominer
ICS Threat Report: Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation
Threat Overview A recent threat report published by AlienVault reveals a critical zero-day vulnerability, CVE-2025-0282, in Ivanti Connect Secure VPN appliances. This vulnerability has been exploited since mid-December 2024, allowing unauthenticated remote code execution. Exploited Vulnerability
Threat Report: Formbook Phishing Campaign with Old Payloads
Threat Overview A recent phishing campaign has been observed delivering Formbook stealers through email attachments, as reported by AlienVault on January 7th, 2025. This report provides an analysis of the attack and recommendations for mitigation. The
Threat Report: Unveiling the Tools and Techniques of APT34
Threat Actor Profile OilRig, also known as APT34 and Helix Kitten, is a sophisticated state-sponsored threat actor believed to be aligned with Iranian interests. Active since 2016, OilRig primarily targets organizations in the Middle East, focusing on
Threat Report: Sophisticated Google Domain Exploitation Chain Unleashed
Threat Overview Cyber threats targeting digital assets have become a pressing concern for organizations in various sectors, including e-commerce and finance. A recent threat report published by AlienVault highlighted the emergence of a sophisticated attack chain