Two vulnerabilities in PaperCut have been found, and one of them is being actively exploited in the wild. This blog entry provides a summary of the vulnerabilities, and includes security guidance for IT and SOC professionals.
Void Rabisu, a malicious actor believed to be associated with the RomCom backdoor, was thought to be driven by financial gain because of its ransomware attacks. But in this blog entry, we discuss how the use of the RomCom backdoor in recent attacks shows how Void Rabisu's motives seem to have changed since at least October 2022.
This blog entry features three case studies that show how malicious actors evade the antispam, antibot, and antiabuse measures of online web services via residential proxies and CAPTCHA-breaking services.
In this blog entry, we will examine the security risks related to file extension-related Top-Level Domains (TLDs) while also providing best practices and recommendations on how both individual users and organizations can protect themselves from these hazards.
This is the first part of our security analysis of an information stealer targeting GitHub Codespaces (CS) that discusses how attackers can abuse these cloud services for a variety of malicious activities.