How BOLA Leads to Enumeration and ATO Attacks

Imagine it’s a Friday night and you are out with your friends to the club. At the door, the bouncer asks you for your ID and lets all of you in. You ...

Tracking Cobalt Strike Servers Used in Cyberattacks on Ukraine

Threat Research
On April 18, 2022, CERT-UA published alert #4490, which describes a malicious email campaign targeting Ukraine. The email attempts to deploy a Cobalt Strike beacon on the victim's system through the use ...

Threat Advisory: New Log4j Exploit Demonstrates a Hidden Blind Spot in the Global Digital Supply Chain

While helping our customers validate their patching efforts, the CQ Prime Threat Research team found additional unpatched servers with the Log4j vulnerability hidden within their digital supply chain, dubbed LoNg4j. The Risks ...

How the Emotet botnet flooded inboxes across Japan

Threat Research
Emotet has evolved into a monetized botnet-as-a-service platform over time, designed to deploy other malware or run campaigns via pay-per-install (PPI) offers, where cybercriminals pay other cybercriminals with a botnet network of ...

Emotet’s back. Here’s how to keep from getting hacked

Threat Research
Originally conceived of as banking malware more than eight years ago, Emotet today is among the malware that is most often used by ransomware and cybercriminal gangs. In fact, Emotet is experiencing ...

Industroyer2 malware targeting Ukrainian energy company

On April 12, the Ukrainian CERT (CERT-UA) reported that the Russian Sandworm Team targeted high-voltage electrical substations in Ukraine using a new variant of a malware known as Industroyer (aka Crash Override) ...

Secure Guardrails