Evasive Panda APT poisons DNS requests to deliver MgBot

Introduction The Evasive Panda APT group (also known as Bronze Highland, Daggerfly, and StormBamboo) has been active since 2012, targeting multiple industries with sophisticated, evolving tactics. Our latest research (June 2025) reveals that the attackers...
Assessing SIEM effectiveness

A SIEM is a complex system offering broad and flexible threat detection capabilities. Due to its complexity, its effectiveness heavily depends on how it is configured and what data sources are connected to it. A one-time SIEM setup during implementation is...
From cheats to exploits: Webrat spreading via GitHub

In early 2025, security researchers uncovered a new malware family named Webrat. Initially, the Trojan targeted regular users by disguising itself as cheats for popular games like Rust, Counter-Strike, and Roblox, or as cracked software. In September, the...
Yet another DCOM object for lateral movement

Introduction If you’re a penetration tester, you know that lateral movement is becoming increasingly difficult, especially in well-defended environments. One common technique for remote command execution has been the use of DCOM objects. Over the years,...