Incident Response

We talk about all the latest news and information about incident response in this section. This includes changes to strategies, tools, and best practices for handling and reducing security incidents. Find out about recent high-profile events, new trends in how to respond, and what experts in the field have to say. The goal of our coverage is to give companies useful information that will help them deal with and recover from security breaches and cyberattacks.

Hackers Exploited Windows Event Logs Tool log Manipulation, And Data Exfiltration

wevtutil.exe, a Windows Event Log management tool, can be abused for LOLBAS attacks. By manipulating its capabilities, attackers can execute…

3 weeks ago

TWELVE Threat Attacks Windows To Encrypt Then Deleting Victims’ Data

The threat actor, formed in 2023, specializes in ransomware attacks targeting Russian government organizations. It encrypts and deletes victim data,…

3 months ago

ToddyCat APT Abuses SMB, Exploits IKEEXT A Exchange RCE To Deploy ICMP Backdoor

ToddyCat is an APT group that has been active since December 2020, and primarily it targets the government and military…

4 months ago

PKfail, Critical Firmware Supply-Chain Issue Let Attackers Bypass Secure Boot

Hackers often attack secure boot during the boot process to execute unauthorized code, which gives them the ability to bypass…

5 months ago

HardBit Ransomware Using Passphrase Protection To Evade Detection

In 2022, HardBit Ransomware emerged as version 4.0. Unlike typical ransomware groups, this ransomware doesn't use leak sites or double…

5 months ago

Chinese APT40 Is Ready To Exploit New Vulnerabilities Within Hours Of Release

Multiple international cybersecurity agencies jointly warn of a PRC state-sponsored cyber group, linked to the Ministry of State Security and…

6 months ago

Hackers Attacking Vaults, Buckets, And Secrets To Steal Data

Hackers target vaults, buckets, and secrets to access some of the most classified and valuable information, including API keys, logins,…

6 months ago

SolarWinds Serv-U Vulnerability Let Attackers Access sensitive files

SolarWinds released a security advisory for addressing a Directory Traversal vulnerability which allows a threat actor to read sensitive files…

6 months ago

Cyber Attack Defenders Up For Battle: Huge Uptick In Timely Detections

Attackers are employing evasion techniques to bypass detection and extend dwell time on compromised systems. This is achieved by targeting…

8 months ago

Windows MagicDot Path Flaw Lets Attackers Gain Rootkit-Like Abilities

A new vulnerability has been unearthed, allowing attackers to gain rootkit-like abilities on Windows systems without requiring administrative privileges. Dubbed…

8 months ago