Unveiling SpiceRAT: SneakyChef's latest tool targeting EMEA and Asia
The new remote access trojan (RAT) dubbed SpiceRAT was used by the threat actor SneakyChef in a recent campaign targeting government agencies in EMEA and Asia.
SneakyChef espionage group targets government agencies with SugarGh0st and more infection techniques
Cisco Talos recently discovered an ongoing campaign from SneakyChef, a newly discovered threat actor using SugarGh0st malware, as early as August 2023.
Tabletop exercises are headed to the next frontier: Space
More on the recent Snowflake breach, MFA bypass techniques and more.
Exploring malicious Windows drivers (Part 2): the I/O system, IRPs, stack locations, IOCTLs and more
As the second entry in our “Exploring malicious Windows drivers” series, we will continue where the first left off: discussing the I/O system and IRPs.
How are attackers trying to bypass MFA?
Exploring trends in how attackers are trying to manipulate and bypass MFA, as well as when and how attackers will try their 'push-spray' MFA attacks.
How we can separate botnets from the malware operations that rely on them
A botnet is a network of computers or other internet-connected devices that are infected by malware and controlled by a single threat actor or group.
Operation Celestial Force employs mobile and desktop malware to target Indian entities
Cisco Talos is disclosing a new malware campaign called “Operation Celestial Force” that has been running since at least 2018. It is still active today, employing GravityRAT, an Android-based malware, along with a Windows-based malware loader we track as “HeavyLift.”
Only one critical issue disclosed as part of Microsoft Patch Tuesday
The lone critical security issue is a remote code execution vulnerability due to a use-after-free issue in the HTTP handling function of Microsoft Message Queuing.
The sliding doors of misinformation that come with AI-generated search results
AI’s integration into search engines could change the way many of us interact with the internet.