I'd like to thank my co-author, Martin Zugec, for his valuable contributions to this report. This intrusion adds three dimensions to the public understanding of Chinese APT activity in contested ...
A new threat actor is combining social engineering techniques, abuse of legitimate cloud infrastructure, and custom malware together to create what appears to be novel attack chain. Google Threat ...
Threat group UNC6692 is using social engineering attacks through Microsoft Teams to deploy a custom malware suite called Snow, with the goal of stealing sensitive data after deep network compromise.
A threat group tracked as UNC6692 uses social engineering to deploy a new, custom malware suite named “Snow,” which includes a browser extension, a tunneler, and a backdoor. Their goal is to steal ...
A fake Microsoft support website is tricking people into downloading what looks like a normal Windows update. Instead, it installs malware designed to steal passwords, payment details, and account ...
The MCP Scanner provides a comprehensive solution for scanning MCP servers and tools for security findings. It leverages three powerful scanning engines (Yara, LLM-as-judge, Cisco AI Defense) that can ...
Python libraries simplify testing networks and detecting vulnerabilities in systems. Tools like YARA and Pymetasploit3 help identify malware and security weaknesses. Encryption and AI-focused ...
Each scan does three main actions on each object: Extract child objects Some objects are archives, some are wrappers, and others are obfuscators. Whatever the case may be, find children objects that ...
A new report out today from cloud-native application security firm Sysdig Inc. details one of the first instances of a large language model being weaponized in an active malware campaign. Discovered ...
Microsoft is publishing for the first time our research into a subgroup within the Russian state actor Seashell Blizzard and its multiyear initial access operation, tracked by Microsoft Threat ...