Introduction The FortiGuard Responder team has observed attempts to
employ a proxy execution technique that uses Microsoft MSBuild to
deploy Cobalt Strike beacons throughout customer environments. This
technique was also observed and reported by ...
Introduction A critical remote code execution vulnerability in Apache
Log4j is actively being exploited in the wild. Log4j is a widely used
Java-based logging audit framework within Apache. The vulnerability is
due to insufficient input validation an...
Zerologon (CVE-2020-1472) continues to draw attention even a year after
its initial disclosure in Sep 2020. Zerologon is currently one of the
most extensively exploited post-exploitation Windows vulnerabilities,
having been adopted by several ransomw...
Introduction A new threat group named Hive, which deploys a ransomware
variant of the same name, has begun to ramp up operations around the
globe. Notable recent intrusions in North America have propelled this
group into the sights of the cyber security c...
Introduction Microsoft has released a patch, mitigations and workarounds
to address a remote code execution vulnerability (CVE-2021-40444) in
MSHTML that affects Microsoft Windows. Exploitation of this
vulnerability allows a remote attacker to take con...