GOLD SALEM tradecraft for deploying Warlock ransomware
Analysis of the tradecraft evolution across 6 months and 11 incidents
Analysis of the tradecraft evolution across 6 months and 11 incidents
Related
Attackers Target the Foundations of Crypto: Smart Contracts
A whole criminal ecosystem revolves around scamming users out of their crypto assets, but malicious — or vulnerable — smart contracts could be used against businesses as well.
Critical Flaw in Vibe-Coding Platform Base44 Exposed Apps
A now-patched authentication issue on the popular vibe-coding platform gave unauthorized users open access to any private application on Base44.
Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability
Fortinet on Wednesday said it observed “recent abuse” of a five-year-old security flaw in FortiOS SSL VPN in the wild under certain configurations. The vulnerability in question is CVE-2020-12812 (CVSS score: 5.2), an improper authentication vulnerability in SSL VPN in FortiOS that could allow a user to log in successfully without being prompted for the…
GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets
Cybersecurity researchers are calling attention to multiple campaigns that leverage known security vulnerabilities and expose Redis servers to various malicious activities, including leveraging the compromised devices as IoT botnets, residential proxies, or cryptocurrency mining infrastructure. The first set of attacks entails the exploitation of CVE-2024-36401 (CVSS score: 9.8), a critical
With AI’s Help, Bad Bots Are Taking Over the Web
Bad bots are becoming increasingly difficult to detect as they more easily mimic human behaviors and utilize evasion techniques, researchers say.
A $50 ‘Battering RAM’ Can Bust Confidential Computing
Researchers have demonstrated an attack that can break through modern Intel and AMD processor technologies that protect encrypted data stored in memory.