• APT28: Inside Forest Blizzard’s New Arsenal

    Fast Facts:The Cyber espionage group Forest Blizzard is attributed to the GRU (Russia's military intelligence [...]

  • Kapeka: A new toolkit in Arsenal of SandStorm

    FAST FACTSKapeka, also known as KnuckleTouch, originally appeared in mid-2022 but was formally tracked in 2024 [...]

  • Dynamic Link Dazzle: Unveiling the Dark Side of DLLs

    Fast facts:DLL side-loading is a technique for executing malicious payloads inside a masqueraded DLL by [...]

  • XZ Utils Backdoor: Supply Chain Vulnerability (CVE-2024-3094)

    Introduction XZ Utils is a set of open-source compression utilities for compressing and decompressing files [...]

  • Raspberry Robin, Not a Juicy Raspberry You Love

    Fast facts Raspberry Robin, previously disseminated through USB drives, now employs Discord for distribution. The [...]

  • A Comprehensive Overview on Stealer Malware Families

    Fast FactsOver the last seven years, there has been a noticeable increase in the sale [...]

  • Unveiling the ScreenConnect Authentication Bypass (CVE-2024-1709 & CVE-2024-1708)

    On February 19, 2024, ConnectWise issued a critical advisory concerning two highly concerning vulnerabilities, namely [...]

  • Pikabot: A Sophisticated and Modular Backdoor Trojan with Advanced Evasion Techniques

    Fast FactsPikabot is a multi-staged backdoor trojan that emerged in early 2023.The most notable feature [...]

  • Insidious Nightmares: Automating Employee Onboarding and Off-boarding

    Goodbyes are hard for many people, but for a few those goodbyes are worth avenging. [...]

  • Uncovering Rhysida and their activities

    Fast Facts about RhysidaRhysida emerged as one of the most active ransomware groups in November [...]

  • TTPs of Russian SVR-affiliated Threat Actor Exploiting CVE-2023-42793

    Recently, CISA, along with the National Cyber Security Centre (NCSC) of the United Kingdom, the Polish [...]

  • Emerging Threat: Cactus, a new player in the ransomware game – Is it the last?

    Fast FactsCactus ransomware has been active since March 2023 and has been targeting high-profile targets [...]