ThreatsHub.org
We discovered the use of two Python penetration-testing tools, Impacket and Responder, that malicious actors used to compromise systems and exfiltrate data. We share our key findings in this report. Read More HERE…
In the final chapter of our blog series, we discuss mitigating strategies and recommendations to keep DDS protected from malicious actors. Read More HERE…
We investigate cloud-based cryptocurrency miners that leverage GitHub Actions and Azure virtual machines, including the cloud infrastructure and vulnerabilities that malicious actors exploit for easy monetary gain. Read More HERE…
In part two of our series, we’ll highlight both known and new DDS vulnerabilities and what they mean for mission critical operations. Read More HERE…
In this three-part blog series, we’ll look into Data Distribution Service, why it is critical, and how you can mitigate risks associated with it. Read More HERE…
We analyzed cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. Many of these attacks resulted in data being exfiltrated from the infected systems. However, we also found that some of the victims were infected with ransomware days after the data exfiltration. Read More HERE…
Learn about the state of OT Security in 2022 by reading the key insights found through surveying more than 900 ICS business and security leaders in the US, Germany and Japan. Read More HERE…
Users of WSO2 products are advised to update their respective products and platforms or to apply the temporary mitigation steps immediately. Read More HERE…
Join Erin Sindelar, Mike Gibson, Brian Gorenc, and Dustin Childs as they discuss Pwn2Own’s 15th anniversary, what we’ve learned, and how the program will continue to serve the cybersecurity community in the future. Read More HERE…