Topic: network reconnaissance

  • Google: Microsoft WSUS Attacks Strike Multiple Organizations

    A critical remote code execution vulnerability (CVE-2025-59287) in Microsoft's WSUS is being actively exploited, affecting Windows Server versions from 2012 to 2025, despite an emergency patch being released after initial fixes failed. Exploitation involves unauthenticated attackers running arbit...

  • SonicWall VPN Breach: Hackers Exploit Stolen Credentials

    Attackers breached over 100 SonicWall SSLVPN accounts using stolen credentials, with malicious activity detected from October 4th to at least October 10th by Huntress. The intrusions utilized previously compromised valid credentials, not brute-force methods, and involved network reconnaissance an...

  • Microsoft GoAnywhere Flaw Fuels Ransomware Attacks

    A critical vulnerability (CVE-2025-10035) in Fortra's GoAnywhere MFT platform is being exploited by ransomware attackers, allowing remote access without user interaction. The cybercrime group Storm-1175, linked to Medusa ransomware, is actively using this flaw to gain initial access, deploy remot...

  • Skuld Infostealer Exploits WSUS Flaw (CVE-2025-59287)

    A critical remote code execution vulnerability (CVE-2025-59287) in Windows Server Update Services (WSUS) is being actively exploited, allowing attackers to install information-stealing malware on unpatched systems. The flaw stems from unsafe deserialization of untrusted data, enabling unauthentic...

  • UNC2891: Inside the ATM Fraud Money Mule Network

    The threat group UNC2891 executed sophisticated ATM fraud attacks in Indonesia, using a money mule recruitment network and custom malware such as STEELCORGI to target banks over multiple years. The criminals employed advanced tools including the CAKETAP rootkit to bypass security checks and multi...

  • Gootloader Malware Returns With New Evasion Tactics

    The Gootloader malware has returned with enhanced SEO poisoning tactics, using fake legal document websites to trick users into downloading malicious .js files that deploy additional malware like Cobalt Strike and backdoors. New evasion techniques include a custom web font that disguises filename...

  • 35 Must-Have Open-Source Security Tools for Red Teams & SOCs

    The article highlights 35 essential open-source security tools for various domains like cloud security, threat hunting, and vulnerability management, aiding red teams and SOC analysts. Key tools include Autorize for authorization testing, BadDNS for DNS security, and Beelzebub for...
