Living-off-the-land (LotL) techniques in cyber attacks refer to the use of legitimate, native tools already present in the target system to carry out malicious activities. This approach is particularly stealthyRead More →
Kubernetes has become the de facto orchestration platform for managing containerized applications, but with its widespread adoption, the security of Kubernetes clusters has come under greater scrutiny. Central to Kubernetes’Read More →
CVE-2023-4911 is a serious security vulnerability within the GNU C Library (glibc), specifically in the dynamic loader ld.so, associated with the processing of the GLIBC_TUNABLES environment variable. This vulnerability hasRead More →
The Common Vulnerability Scoring System (CVSS) has been updated to version 4.0, which has been formally announced by the Forum of Incident Response and Security Teams (FIRST). This update comesRead More →
According to a recent study published by the leading cybersecurity agency in France, a hacking organisation affiliated with Russia’s military intelligence agency has been spying on French colleges, corporations, thinkRead More →
Redcliffe Labs is one of the most comprehensive testing facilities in India. It provides more than 3,600 different diagnostic tests for illnesses and wellbeing. Users of the mobile application haveRead More →
The recent Okta breach has raised concerns within the cybersecurity community. On October 20, 2023, Okta, a provider of identity services like multi-factor authentication and single sign-on, disclosed a securityRead More →
BlackCat’s ransomware operators have recently introduced a new tool called “Munchkin,” enabling the propagation of BlackCat payloads to remote machines and shares within a victim’s network. This new tactic involvesRead More →
Comprehensive Analysis: ToddyCat’s Advanced Toolset and Stealthy Cyber Espionage Tactics ToddyCat, an Advanced Persistent Threat (APT) group, has garnered attention for its clandestine cyber-espionage operations, utilizing a sophisticated toolset designedRead More →
Cobalt Strike, a legitimate commercial penetration testing tool, has inadvertently become a favored instrument among cybercriminals for its efficacy in infiltrating network security. Initially released in 2012 by Fortra (formerlyRead More →
