Four zero-days in February’s Patch Tuesday
February 2025's Patch Tuesday seems relatively relaxed, but there’s a catch for organizations using NTLM. (2 minutes)

Analyzing a Mispadu Trojan’s attack chain
We tracked a Mispadu banking Trojan infection from the email attachment to the payload. (1 minute)

ThreatDown State of Malware report 2025
The ThreatDown State of Malware report focuses on a few key developments that we witnessed in 2024. (2 minutes)

How a clipboard hijacker delivers Lumma Stealer
The use of fake Captcha websites has doubled in only a few months. (3 minutes)

8 zero-days in one Patch Tuesday? Welcome to 2025
The January 2025 Patch Tuesday consists of 159 Microsoft CVEs, including three that are actively exploited. (2 minutes)

Web shop spreads SocGholish malware and steals credit cards
A web shop selling jewelry was found with code belonging to two web skimmers and the SocGholish Trojan downloader. (2 minutes)

Akira ransomware’s secret weapon—AnyDesk
The Akira ransomware group drops the AnyDesk client to gain persistence. (2 minutes)

Which ports to monitor for ransomware attacks
There are a few ports that deserve extra attention when you're monitoring your systems for ransomware attacks. (3 minutes)

Clipboard hijacker tries to install a Trojan
Criminals are attempting to get users to install malware from the clipboard. (2 minutes)

Sysrv cryptomining botnet is still alive (and kicking out the competition)
Sysrv cryptomining botnets are still active, and analysis shows they are actively kicking out other malware. (4 minutes)

Cleo, the next MOVEit and GoAnywhere?
The CL0P ransomware gang has claimed responsibility for attacks exploiting a vulnerability in Cleo file sharing products. (3 minutes)

Top 5 most dangerous software weaknesses in 2024
The more things change, the more they stay the same. (3 minutes)

December Patch Tuesday fixes one actively exploited zero-day vulnerability
Microsoft patched an actively exploited vulnerability in the CLFS component. (1 minute)

2024 MITRE ATT&CK® Evaluation results: ThreatDown detected every step
MITRE has released its 2024 ATT&CK Evaluation: Enterprise results, with ThreatDown alerting customers to each step of the infection chain… (2 minutes)

Beluga phishing campaign targets OneDrive credentials
The Beluga phishing campaign uses .htm files to capture your company OneDrive credentials. (2 minutes)

How to tame ransomware gangs’ top 5 favorite scripting engines
Securing your systems means mastering the tricky task of making scripting engines easy for your admins to use, and hard… (5 minutes)

Update now! November Patch Tuesday tackles 4 zero-days, two actively exploited
Microsoft’s November Patch Tuesday includes fixes for 89 vulnerabilities in total. (3 minutes)

How the Black Basta ransomware gang hides Cobalt Strike beacons with PowerShell
Ransomware gangs love PowerShell. (4 minutes)

Ransomware review: November 2024
In October 2024 we recorded a total of 575 ransomware victims, a new high for this year. (2 minutes)