THREAT INTELLIGENCE Notepads & resources
socprime.com
CVE-2025-32463 and CVE-2025-32462: Sudo Local Privilege Escalation Vulnerabilities Threaten Linux Environments – Source: socprime.com
socprime.com
CVE-2025-20281 and CVE-2025-20282 Vulnerabilities: Critical RCE Flaws in Cisco ISE and ISE-PIC Enable Root Access...
socprime.com
CVE-2025-49144 Vulnerability: Critical Privilege Escalation Flaw in Notepad++ Leads to Full System Takeover – Source:...
socprime.com
UAC-0001 (APT28) Activity Detection: The russian State-Sponsored Group Targets Government Agencies Using BEARDSHELL and COVENANT...
socprime.com
CVE-2025-6018 and CVE-2025-6019 Vulnerability Exploitation: Chaining Local Privilege Escalation Flaws Lets Attackers Gain Root Access...
socprime.com
Mocha Manakin Attack Detection: Hackers Spread a Custom NodeJS Backdoor Dubbed NodeInitRAT Using the Paste-and-Run...
socprime.com
GrayAlpha Operation Detection: The Fin7-Affiliated Group Spreads PowerNet Loader, NetSupport RAT, and MaskBat Loader –...
socprime.com
CVE-2025-4123 Vulnerability: “The Grafana Ghost” Zero-Day Enables Malicious Account Hijacking – Source: socprime.com
socprime.com
Detect SimpleHelp RMM Vulnerability Exploitation: CISA Warns of Threat Actors Abusing Unpatched Flaws for Persistent...
socprime.com
CVE-2025-32711 Vulnerability: “EchoLeak” Flaw in Microsoft 365 Copilot Could Enable a Zero-Click Attack on an...
socprime.com
CVE-2025-33053 Detection: A Critical WebDAV Zero-Day RCE Vulnerability Actively Weaponized by Stealth Falcon APT Group...
socprime.com
CVE-2025-33053 Exploitation: A Critical WebDAV Zero-Day RCE Vulnerability Actively Weaponized by Stealth Falcon APT Group...
socprime.com
CVE-2025-33073: Windows SMB Client Zero-Day Lets Attackers Gain SYSTEM Privileges – Source: socprime.com
socprime.com
CVE-2025-5419 Vulnerability: New Google Chrome Zero-Day Actively Exploited in the Wild – Source: socprime.com
socprime.com
CVE-2025-20286 Vulnerability Exploitation: Critical Cisco ISE Flaw Affects AWS, Microsoft Azure, and OCI Cloud Deployments...
socprime.com
Zip Archive & C2 Domain Detection in Microsoft Sentinel via Uncoder AI – Source: socprime.com
socprime.com
CyberLock, Lucky_Gh0$t, and Numero Detection: Hackers Weaponize Fake AI Tool Installers in Ransomware and Malware...
socprime.com
APT41 Attack Detection: Chinese Hackers Exploit Google Calendar and Deliver TOUGHPROGRESS Malware Targeting Government Agencies...
socprime.com
BadSuccessor Detection: Critical Windows Server Vulnerability Can Compromise Any User in Active Directory – Source:...
socprime.com
Detect APT28 Attacks: russian GRU Unit 26156 Targets Western Logistics and Technology Companies Coordinating Aid...
socprime.com
ELPACO-Team Ransomware Attack Detection: Hackers Exploit Atlassian Confluence Vulnerability (CVE-2023-22527) to Gain RDP Access and...
socprime.com
CVE-2025-4427 and CVE-2025-4428 Detection: Ivanti EPMM Exploit Chain Leading to RCE – Source: socprime.com
socprime.com
Detect CVE-2025-31324 Exploitation by Chinese APT Groups Targeting Critical Infrastructure – Source: socprime.com
socprime.com
Noodlophile Stealer Detection: Novel Malware Distributed Through Fake AI Video Generation Tools – Source: socprime.com
socprime.com
Gunra Ransomware Detection: New Threat Targets Various Industries Globally Using Double-Extortion Tactics and Advanced Malicious...
socprime.com
TerraStealerV2 and TerraLogger Detection: Golden Chickens Threat Actor Behind New Malware Families – Source: socprime.com
socprime.com
CVE-2025-31324 Detection: SAP NetWeaver Zero-Day Under Active Exploitation Exposes Critical Systems to Remote Code Execution ...
socprime.com
CVE-2025-32432: Critical Craft CMS Vulnerability Is Actively Exploited in Zero-Day Attacks, Leads to Remote Code...
socprime.com
ToyMaker Activity Detection: Initial Access Brokers Compromise Hosts in Critical Infrastructure Organizations via SSH and...
socprime.com
CVE-2025-34028 Detection: A Maximum-Severity Vulnerability in the Commvault Command Center Enables RCE – Source: socprime.com
socprime.com
Billbug Attack Detection: China-Linked Espionage Actors Target Southeast Asian Organizations – Source: socprime.com
socprime.com
CVE-2025-30406 Detection: Critical RCE Vulnerability in Gladinet CentreStack & Triofox Under Active Exploitation – Source:...
socprime.com
CVE-2025-29824 Vulnerability: Exploitation of a Windows CLFS Zero-Day Could Trigger Ransomware Attacks – Source: socprime.com
socprime.com
UAC-0226 Attack Detection: New Cyber-Espionage Campaign Targeting Ukrainian Innovation Hubs and Government Entities with GIFTEDCROOK...
socprime.com
Seashell Blizzard Attack Detection: A Long-Running Cyber-Espionage “BadPilot” Campaign by russian-linked Hacking Group – Source:...
socprime.com
UAC-0219 Attack Detection: A New Cyber-Espionage Campaign Using a PowerShell Stealer WRECKSTEEL – Source: socprime.com
socprime.com
CVE-2025-1449: Rockwell Automation Verve Asset Manager Vulnerability Enables Adversaries to Gain Access to Run Arbitrary...
socprime.com
Gamaredon Campaign Detection: russia-backed APT Group Targets Ukraine Using LNK Files to Spread Remcos Backdoor...
socprime.com
CoffeeLoader Detection: A New Sophisticated Malware Family Spread via SmokeLoader – Source: socprime.com
socprime.com
Weaver Ant Attack Detection: China-Linked Group Targets a Telecom Provider in Asia Using Multiple Web...
socprime.com
CVE-2025-1974: Critical Set of Vulnerabilities in Ingress NGINX Controller for Kubernetes Leading to Unauthenticated RCE...
socprime.com
CVE-2025-29927 Next.js Middleware Authorization Bypass Vulnerability – Source: socprime.com
socprime.com
CVE-2025-24813 Detection: Apache Tomcat RCE Vulnerability Actively Exploited in the Wild – Source: socprime.com
socprime.com
Operation AkaiRyū Attacks Detection: China-Backed MirrorFace APT Targets Central European Diplomatic Institute Using ANEL Backdoor...
socprime.com
UAC-0200 Attack Detection: Cyber-Espionage Activity Targeting Defense Industry Sector and the Armed Forces of Ukraine...
socprime.com
Medusa Ransomware Detection: The FBI, CISA & Partners Warn of Increasing Attacks by Ransomware Developers...
socprime.com
CVE-2025-24201 Exploitation: Apple Fixes the WebKit Zero-Day Vulnerability Used in Sophisticated Attacks – Source: socprime.com
socprime.com
CVE-2025-27840: Vulnerability Exploitation in Espressif ESP32 Bluetooth Chips Can Lead to Unauthorized Access to Devices...
socprime.com
Detect Hellcat Ransomware Attacks: New Ransomware-as-a-Service Threat Group Targeting a Variety of High-Profile Organizations Globally...
socprime.com
CVE-2025-25730 Vulnerability: Authorization Bypass in Motorola Mobility Droid Razr HD (Model XT926) – Source: socprime.com
socprime.com
CVE-2025-1001 Vulnerability in Medixant RadiAnt DICOM Viewer Enables Threat Actors to Perform Machine-in-the-Middle Attacks –...
socprime.com
UAC-0173 Activity Detection: Hackers Launch Phishing Attacks Against Ukrainian Notaries Using the DARKCRYSTALRAT Malware –...
socprime.com
CVE-2025-27364 in MITRE Caldera: Exploitation of a New Max-Severity RCE Vulnerability via Linker Flag Manipulation...
socprime.com
UAC-0212 Attack Detection: Hackers Linked to UAC-0002 aka Sandworm APT Subcluster Launch Targeted Attacks Against...
socprime.com
CVE-2025-20059: Relative Path Traversal Vulnerability in Ping Identity PingAM Java Policy Agent – Source: socprime.com
socprime.com
CVE-2025-0108 Detection: Active Exploitation of an Authentication Bypass in Palo Alto Networks PAN-OS Software – Source:...
socprime.com
Ghost (Cring) Ransomware Detection: The FBI, CISA, and Partners Warn of Increasing China-Backed Group’s Attacks...
socprime.com
CVE-2025-26465 & CVE-2025-26466 Vulnerabilities Expose Systems to Man-in-the-Middle and DoS Attacks – Source: socprime.com
socprime.com
CVE-2025-1094 Exploitation, a Critical SQL Injection Vulnerability in PostgreSQL That Can Lead to Arbitrary Code...
socprime.com
RedCurl/EarthKapre APT Attack Detection: A Sophisticated Cyber-Espionage Group Uses a Legitimate Adobe Executable to Deploy...
socprime.com
Sandworm APT Attacks Detection: russian State-Sponsored Hackers Deploy Malicious Windows KMS Activators to Target Ukraine...
socprime.com
XE Group Activity Detection: From Credit Card Skimming to Exploiting CVE-2024-57968 and CVE-2025-25181 VeraCore Zero-Day...
socprime.com
CVE-2025-0411 Detection: russian Cybercrime Groups Rely on Zero-Day Vulnerability in 7-Zip to Target Ukrainian Organizations...
socprime.com
CVE-2025-21293 Detection: PoC Exploit Released for a Privilege Escalation Vulnerability in Active Directory Domain Services...
socprime.com
Lumma Stealer Detection: Sophisticated Campaign Using GitHub Infrastructure to Spread SectopRAT, Vidar, Cobeacon, and Other...
socprime.com
TorNet Backdoor Detection: An Ongoing Phishing Email Campaign Uses PureCrypter Malware to Drop Other Payloads...
socprime.com
CVE-2024-8963, CVE-2024-9379, CVE-2024-8190, and CVE-2024-9380 Detection: CISA and FBI Warn Defenders of Two Exploit Chains...
socprime.com
CVE-2025-21298 Detection: Critical Zero-Click OLE Vulnerability in Microsoft Outlook Results in Remote Code Execution –...
socprime.com
Hackers Exploit AnyDesk Impersonating CERT-UA to Launch Cyber-Attacks – Source: socprime.com
socprime.com
CVE-2024-49113 Detection: Windows LDAP Denial-of-Service Vulnerability aka LDAPNightmare Exploited via a Publicly Available PoC –...
socprime.com
CVE-2024-55591 Detection: Critical Zero-Day Vulnerability in Fortinet FortiOS and FortiProxy Actively Exploited in the Wild...
socprime.com
Detect Banshee Stealer: Stealthy Apple macOS Malware Evades Detection Using XProtect Encryption – Source: socprime.com
socprime.com
EAGERBEE Malware Detection: New Backdoor Variant Targets Internet Service Providers and State Bodies in the...
socprime.com
NonEuclid RAT Detection: Malware Enables Adversaries to Gain Unauthorized Remote Access and Control Over a...
socprime.com
CVE-2024-49112 Detection: Zero-Click PoC Exploit for a Critical LDAP RCE Vulnerability Can Crush Unpatched Windows...
socprime.com
Strela Stealer Attack Detection: New Malware Variant Now Targets Ukraine Alongside Spain, Italy, and Germany...
socprime.com
KRaft: Apache Kafka Without ZooKeeper – Source: socprime.com
socprime.com
UAC-0125 Attack Detection: Hackers Use Fake Websites on Cloudflare Workers to Exploit the “Army+” Application...
socprime.com
Understanding OpenSearch Routing Allocation Settings – Source: socprime.com
socprime.com
Using Ruby Code in Logstash for Translating Text from HEX – Source: socprime.com
socprime.com
DarkGate Malware Attack Detection: Voice Phishing via Microsoft Teams Leads to Malware Distribution – Source:...
socprime.com
UAC-0099 Attack Detection: Cyber-Espionage Activity Against Ukrainian State Agencies Using WinRAR Exploit and LONEPAGE Malware...
socprime.com
How to Deal with the Warning: “No ‘Basic Authorization’ header, send 401 and ‘WWW-Authenticate Basic’”...
socprime.com
Secret Blizzard Attack Detection: The russia-Linked APT Group Targets Ukraine via Amadey Malware to Deploy...
socprime.com
CVE-2024-50623 Detection: Attackers Actively Exploit a RCE Vulnerability in Cleo Harmony, VLTrader, and LexiCom File...
socprime.com
New Cyber-Espionage Campaign Detection: Suspected China-Backed Actors Target High-Profile Organizations in Southeast Asia – Source:...
socprime.com
UAC-0185 aka UNC4221 Attack Detection: Hackers Target the Ukrainian Defense Forces and Military-Industrial Complex –...
socprime.com
BlueAlpha Attack Detection: russia-affiliated Hacking Collective Abuses Cloudflare Tunnels to Distribute GammaDrop Malware – Source:...
socprime.com
RevC2 and Venom Loader Detection: New Malware Strains Massively Deployed via MaaS in a Sophisticated...
socprime.com
SmokeLoader Malware Detection: Notorious Loader Reemerges to Target Companies in Taiwan – Source: socprime.com
socprime.com
HATVIBE and CHERRYSPY Malware Detection: Cyber-Espionage Campaign Conducted by TAG-110 aka UAC-0063 Targeting Organizations in...
socprime.com
BlackSuit Ransomware Detection: Ignoble Scorpius Escalates Attacks, Targets 90+ Organizations Worldwide – Source: socprime.com
socprime.com
BianLian Ransomware Detection: AA23-136A Joint Cybersecurity Advisory Details on TTPs Leveraged by BianLian Operators in...
socprime.com
Fickle Stealer Malware Detection: New Rust-Based Stealer Disguises as Legitimate Software to Steal Data from...
socprime.com
PXA Stealer Detection: Vietnamese Hackers Hit the Public and Education Sectors in Europe and Asia...
socprime.com
New Remcos RAT Activity Detection: Phishing Campaign Spreading a Novel Fileless Malware Variant – Source:...
socprime.com
Interlock Ransomware Detection: High-Profile and Double-Extortion Attacks Using a New Ransomware Variant – Source: socprime.com
socprime.com
Stealthy Strela Stealer Detection: Info-Stealing Malware Resurfaces with Enhanced Capabilities to Target Central and Southwestern...
socprime.com
UAC-0050 Phishing Attack Detection: The russia-Backed Group Massively Spreads Tax-Related Phishing Emails and Exploit LITEMANAGER...
socprime.com
UAC-0001 aka APT28 Attack Detection: Leveraging PowerShell Command in Clipboard as Initial Entry Point –...
socprime.com
CVE-2024-47575 Detection: FortiManager API Vulnerability Exploited in Zero-Day Attacks – Source: socprime.com
socprime.com
UAC-0218 Attack Detection: Adversaries Steal Files Using HOMESTEEL Malware – Source: socprime.com
socprime.com
“Rogue RDP” Attack Detection: UAC-0215 Leverages RDP Configuration Files to Gain Remote Access to Ukrainian...
socprime.com
Detect Brute Force and Credential Access Activity Linked to Iranian Hackers: The FBI, CISA, and...
socprime.com
MEDUZASTEALER Detection: Hackers Distribute Malware Masquerading the Sender as Reserve+ Technical Support via Telegram Messaging...
socprime.com
UAC-0050 Attack Detection: russia-Backed APT Performs Cyber Espionage, Financial Crimes, and Disinformation Operations Against Ukraine...
socprime.com
Earth Simnavaz (aka APT34) Attack Detection: Iranian Hackers Leverage Windows Kernel Vulnerability to Target UAE...
socprime.com
LemonDuck Malware Detection: Exploits CVE-2017-0144 and Other Microsoft Server Message Block (SMB) Vulnerabilities for Cryptocurrency Mining...
socprime.com
Shrouded#Sleep Campaign Detection: North Korean Hackers Linked to the APT37 Group Use New VeilShell Malware...
socprime.com
Detecting CUPS Exploits: Critical Security Vulnerabilities in Linux and Unix Systems Allow Remote Code Execution...
socprime.com
Gamaredon Attack Detection: Cyber-Espionage Operations Against Ukraine by the russia-linked APT – Source: socprime.com
socprime.com
SnipBot Detection: A New RomCom Malware Variant Leverages a Custom Code Obfuscation Method and Sophisticated...
NCSC & NCA
Ransomware, extortion and the cyber crime ecosystem by NCSC & NCA
FATF
Countering Ransomware Financing – FATF Report March 2023
LOGPOINT
396 Use Cases & SIEM Rules Code Ready for Use for MITRE ATT&CK Events Detection...
Orange Cyberdefense
Orange Cyberdefense Security Navigator 2023 – Research-driven insights to build a safer digital society
SHADOW DRAGON
A Practical Guide for OSINT Investigators to Combat Disinformation and Fake Reviews Driven by AI...
BlackBerry CyberSecurity
Global Threat Intelligence Report – Delivering Actionable and Contextualized Intel to Increase Cyber Resilience by...
Cyborg Security
Threat Hunting Framework by Cyborg Security
Perception Point
2023 Annual Report – Cybersecurity Trends & Insights by Perception Point
CSO - AKAMAI
From Bad Bots to Malicious Scripts – The Effectiveness of Specialized Defense by CSO –...
BlackBerry CyberSecurity
BlackBerry Cybersecurity Global Threat Intelligence Report April-2023 Edition
SONICWALL
2023 SONICWALL CYBER THREAT REPORT – Charting Cybercrime's Shifting Frontlines
NACD - Internet Security Alliance
Director's Handbook on CYBER-RISK OVERSIGHT by NACD – Internet Security Alliance
RELIAQUEST
Threat Hunting 101 – A Framework for Building and Maturing a Proactive Threat Hunting Program...
MANDIANT
Remediation and Hardening Strategies for Microsoft 365 to Defend Against APT29 Group – Threat Intelligence...
Flashpoint
State of Cyber Threat Intelligence 2023 – A deep dive into perpetual cycles of cybercrime...
F-Secure Labs Hardware Security Team
THE FAKE CISCO – Hunting for backdoors in Counterfeit Cisco devices – by Dmitry Janushkevich...
MANDIANT
M-TRENDS 2022 Mandiant Special Report
osint - Open Source Intelligence
Awesome OSINT (Open-Source Intelligence) – Best curated list of amazingly awesome open source intelligence tools and...
Microsoft
Microsoft Cyber Signal Report August 2022 edition – Extortion Economics – Ransomware's new business model...
Microsoft Security
Threat Hunting Survival Guide by Microsoft Security Experts
PEERLYST
INTRUSION DETECTION GUIDE – The field's leading experts show exactly how to detect, deter, and...
PRASANNAKUMAR MUNDAS
Threat Hunting Playbooks for MITRE Tactics – Starting your first threat hunting today by PRASANNAKUMAR...
Censys
2022 State of the Internet Report by Censys
Virusbulletin.com
LAZARUS AND BYOVD – EVIL TO THE WINDOWS CORE By Peter Kalnai – Matej Havranek...
CYBERSECURITY INSIDERS
THREAT HUNTING REPORT – Cybersecurity Insiders – DOMAINTOOLS 2021
Joas Antonio
OSINT – The Most Complete Open Source Intelligence Overview by Joas Antonio
CROWDSTRIKE
CROWDSTRIKE 2023 GLOBAL THREAT REPORT
CISA
Insider Threat Mitigation Guide by the Cybersecurity and Infrastructure Security Agency
ENDGAME
KERNEL MODE THREATS AND PRACTICAL DEFENSES by Joe Desimone and Gabriel Landau – ENDGAME
World Economic Forum
Global Cybersecurity Outlook 2023 Insight Report by WEF – World Economic Forum in collaboration with...
UK Government
Detecting the Unknown – A Guide to Threat Hunting by UK Government
ARCTIC WOLF
Definitive Guide to SOC as a Service – The Essential Elements of Advanced Threat Detection...