Labs

High

CVE

Lateral Movement

Linux

CVE-2024-12084: Critical Rsync Heap Buffer Overflow Opens Door to Remote Code Execution

Buffer overflows, including heap buffer overflows, pose significant security risks by allowing unauthorized code execution. Notably, CVE-2024-12084 in Rsync exploits […]

Learn more

High

APT, LOLBin, Malware

Defense Evasion, Execution

EDR, Sysmon, Windows

Mustang Panda Espionage Campaign Reveals Rare ‘Hex Staging’ Technique to Evade Detection

A recent espionage campaign, classified as CL-STA-0048 and allegedly linked to the Chinese state-sponsored cyber-espionage group Mustang Panda, highlights a […]

Learn more

High

Campaign, CyberCrime, Malware

Persistence

EDR

Inside the Latest Italian xWorm Campaign: Enhanced Persistence to Confuse DFIR Investigations

During a malware campaign that hit the Italian territory last month a new version of the xWorm malware has been […]

Learn more

High

Malware

Discovery

EDR, Sysmon, Windows

Active Directory Enumeration Evolved: Exploring SOAPHound’s Exploitation of ADWS

Domain enumeration represents a critical initial phase of reconnaissance for malicious actors. An innovative approach designed to bypass traditional LDAP […]

Learn more

Medium

Bypass

Defense Evasion

Cloud

Breaking Conditional Access: New Black Hat EU Research on Token Manipulation Threats

In the rapidly evolving landscape of cybersecurity, the integrity of application access tokens has become a critical concern for organizations […]

Learn more