Exploitation of CVE-2022-38028 by Forest Blizzard
CVE-2022-38028 is a critical vulnerability in the Windows Print Spooler service that allows for arbitrary code execution with elevated privileges. The exploit was addressed by Microsoft in a…
Evidence-led cyber threat intelligence for defenders. Incident reports, actor profiles and vulnerability analysis — written for the people who have to act on it.
CVE-2022-38028 is a critical vulnerability in the Windows Print Spooler service that allows for arbitrary code execution with elevated privileges. The exploit was addressed by Microsoft in a…
Mandiant has highlighted Russia and Iran as prominent state-sponsored cyber threats poised to disrupt the 2024 elections. Their tactics, often multilayered and complex, include data theft, DDoS…
IBM's recent announcement of acquiring HashiCorp for $6.4 billion underscores a significant shift in the cybersecurity landscape. This strategic acquisition aims to bolster IBM's capabilities in…
A new phishing campaign leveraging Autodesk Drive has come to light, targeting corporate users through seemingly legitimate PDF files. Cybersecurity experts at Netcraft have uncovered that…
NHS Dumfries and Galloway, a Scottish healthcare provider, fell victim to a significant ransomware attack led by the group known as INC Ransom. This incident, which unfolded in March 2024, led to…
INC Ransomware is an opportunistic cybercriminal group active since mid-2023. Known for its rapid proliferation and impact across various industries, INC Ransomware has demonstrated a potent…
The recent security breach at MITRE Corporation has raised significant concerns, given the organization's critical role in cybersecurity research and development. In January 2024, a…
Recently, CVE-2024-4058 has emerged as a significant security vulnerability within Google Chrome, attributed to a use-after-free error in the V8 JavaScript engine. This blog post aims to provide a…
Introduction Line Dancer is a sophisticated shellcode loader that specifically targets Cisco Adaptive Security Appliance (ASA) devices. Recently analyzed by the National Cyber Security Centre…
Recent reports and intelligence assessments highlight specific risks associated with the Paris Olympics 2024. These concerns focus primarily on cybersecurity threats and the extensive physical…
A critical vulnerability identified as CVE-2023-20269 has been actively exploited in Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software, specifically targeting the…
In one of the most significant cybersecurity incidents of 2024, UnitedHealth Group's subsidiary, Change Healthcare, suffered a major ransomware attack that disrupted healthcare services and…