ESET researchers analyzed the 2025 activity of Webworm, a China-aligned APT group that started out targeting organizations in Asia, but has recently shifted its focus to Europe. Even though this is ...
PowerShell script to audit emails delivered via Microsoft Direct Send in an Exchange Online tenant, using either GDAP delegated access (CSP/partner) or direct admin credentials. No app registration ...
I'd like to thank my coauthors Adrian Schipor, Victor Vrabie, Marius Baciu, and Martin Zugec for their invaluable contributions to this research. This research provides a direct look at the new ...
Detection engineering with KQL (Kusto Query Language) often looks simple on paper: write a query, reference a table, join some data, and generate alerts! In practice, it’s rarely that straightforward.
ESET researchers have identified new MuddyWater activity primarily targeting organizations in Israel, with one confirmed target in Egypt. MuddyWater, also referred to as Mango Sandstorm or TA450, is ...
The following PowerShell series is designed for newcomers to PowerShell who want to quickly learn the essential basics, the most frequently used syntaxes, elements and tricks. It can also be used by ...
Searching through files can be a time-consuming task if you don’t know where to start. The ability to search file contents efficiently can save you hours, whether you’re managing thousands of ...
A retail analytics company named Harbor Systems is building an application to transfer files ...
The Russian state-sponsored threat actor known as APT29 has been linked to an advanced phishing campaign that's targeting diplomatic entities across Europe with a new variant of WINELOADER and a ...
Bitdefender Labs is tracking new campaigns as threat actors exploit a vulnerability we first highlighted in June 2024. Bitdefender issued a critical security advisory regarding CVE-2024-4577, a severe ...
Cybersecurity researchers have uncovered a novel malware campaign that leverages Google Sheets as a command-and-control (C2) mechanism. The activity, detected by Proofpoint starting August 5, 2024, ...