Shared secret: EDR killer in the kill chain
A look under the hood at a tool designed to disable protections
FortiGuard Labs’ network telemetry has observed active exploitation of known vulnerabilities in Drupal Core and the WP-Automatic WordPress plugin for initial access. Following compromise, attackers deploy multiple web shells and utilities to enable lateral movement, privilege escalation, and the installation of remote access trojans (RATs).
Secure by Design.
The MITRE framework’s applied exercise provides defenders with critical feedback about how to detect and defend against common, but sophisticated, attacks.
Two cybersecurity leaders tested out AI in their respective SOCs for six months — and here’s what they learned.
Google on Thursday said it’s rolling out a dedicated form to allow businesses listed on Google Maps to report extortion attempts made by threat actors who post inauthentic bad reviews on the platform and demand ransoms to remove the negative comments. The approach is designed to tackle a common practice called review bombing, where online…
The Russian advanced persistent threat (APT) group known as COLDRIVER has been attributed to a fresh round of ClickFix-style attacks designed to deliver two new “lightweight” malware families tracked as BAITSWITCH and SIMPLEFIX. Zscaler ThreatLabz, which detected the new multi-stage ClickFix campaign earlier this month, described BAITSWITCH as a downloader that ultimately drops SIMPLEFIX, a