The FortiGuard Responder team has observed attempts to employ a proxy
execution technique that uses Microsoft MSBuild to deploy Cobalt
Strike beacons throughout customer environments. This technique was also
observed and reported by Renato Marinh...

A critical remote code execution vulnerability in Apache
Log4j is actively being exploited in the wild. Log4j is a widely used
Java-based logging audit framework within Apache. The vulnerability is
due to insufficient input validation and...

Zerologon (CVE-2020-1472) continues to draw attention even a year after
its initial disclosure in Sep 2020. Zerologon is currently one of the
most extensively exploited post-exploitation Windows vulnerabilities,
having been adopted by several ransomw...

A new threat group named Hive, which deploys a ransomware variant
of the same name, has begun to ramp up operations around the globe.
Notable recent intrusions in North America have propelled this group
into the sights of the cyber security co...

Microsoft has released a patch, mitigations and workarounds to
address a remote code execution vulnerability (CVE-2021-40444) in MSHTML
that affects Microsoft Windows. Exploitation of this vulnerability
allows a remote attacker to take contr...