• Yet Another Microsoft Office365 zero-day: CVE-2023-36884

    Updated July 18, 2023. Fast Facts: CVE-2023-36884 is an Office and Windows HTML Remote Code Execution Vulnerability. No [...]

  • Emerging Threat: BianLian Ransomware’s Shapeshift to Encryption-less Extortion

    Executive Summary BianLian ransomware surfaced in June 2022 and has been a persistent threat to [...]

  • MOVEit’s Zero Day: The File Transfer Turmoil

    Executive Summary Multiple vulnerabilities in MOVEit Transfer tracked as CVE-2023-34362, CVE-2023-35036, and CVE-2023-35708 were found. Mentioned vulnerabilities are [...]

  • Emerging Threat: Vice Society’s Double Extortion Strategy

    Executive Summary Vice Society is a relatively new Russian-speaking hacking group that arose in the [...]

  • Detecting and Responding to Compromises in Azure AD through AAD Connect

    Most organizations have infrastructures that span both on-premise and the cloud. To manage identities across [...]

  • PaperCut Vulnerability CVE-2023-27350: Detecting exploitation attempts

    by Anish Bogati & Rabindra Dev Bhatta, Security Research - Updated May 8th 2023. PaperCut is [...]

  • Emerging Threat: RedLine Stealer Malware Outbreak – A Comprehensive Guide to Anatomy, Detection, and Response

    By Swachchhanda Shrawan Poudel & Anish Bogati; Security Research. RedLine Stealer, the malicious software that was [...]

  • When Zero Day Meets Ransomware: CVE-2023-28252 and Nokoyawa Ransomware

    Microsoft has addressed a critical zero-day vulnerability actively exploited in the wild and has released [...]

  • Detecting and Responding to Trojanized 3CX Desktop Applications

    By Santosh Nepal and Anish Bogati; Security Research. Updated on 21st April. Quick Digest: When a new application [...]

  • CVE-2023-23397: Detecting exploitation of zero-day Exchange server vulnerabilities

    by Nilaa Maharjan and Anish Bogati, Security Research. A serious vulnerability tagged CVE-2023-23397 has recently been [...]

  • Emerging Threat: AgentTesla – A Review and Detection Strategies

    AgentTesla [S0331], a.k.a. Negasteal, is a .NET-based Remote Administrator Tool (RAT) first detected in [...]

  • OneNote Malicious Attachment as Initial Vector – Detect, Investigate, and Remediate using Logpoint

    Attackers are using OneNote files to infiltrate systems by embedding malicious payloads, with OneNote becoming [...]