Skip Navigation

Author

Field Effect Security Intelligence Team

Recent Posts by Field Effect Security Intelligence Team

Decorative Featured Image

Security Intelligence

APT 29 hustles high-profile organizations with malicious RDP files

APT 29 observed leveraging RDP to compromise victims, including governments, armed forces, think tanks, academic...
Decorative Featured Image

Security Intelligence

Clop ransomware claims responsibility for Cleo compromises

Clop ransomware group takes credit for recent breaches via the exploitation of two vulnerabilities in Cleo file...
Decorative Featured Image

Security Intelligence

Russian hackers, Turla, use Amadey infrastructure to target Ukraine

Turla observed hijacking the infrastructure of other threat actors to target Ukrainian entities.
Decorative Featured Image

Security Intelligence

Microsoft investigates potential new Windows zero-day vulnerability

Microsoft investigating reported zero-day vulnerability in Windows that could allow threat actors to capture NTLM...
Decorative Featured Image

Security Intelligence

Golden Chickens lays ‘More_eggs lite’ backdoor

Golden Chickens MaaS linked to Venom Loader and RevC2 in addition to its primary “more_eggs” malware offering.
Decorative Featured Image

Security Intelligence

Decade-old vulnerability in Cisco ASA WebVPN recently exploited

Cisco warns a decade-old vulnerability in its Adaptive Security Appliance (ASA) is being exploited by threat actors.
Decorative Featured Image

Security Intelligence

New phishing service ‘rocks’ M365 user accounts

Rockstar 2FA, a new phishing-as-a-service (PhaaS) platform, observed targeting Microsoft 365 user accounts with...
Decorative Featured Image

Security Intelligence

Novel attack vector evades anti-phishing security controls

Unnamed threat actors observed using a new attack vector that leverages intentionally corrupted Word documents to evade...
Decorative Featured Image

Security Intelligence

Fear thy neighbors…they could be APT 28

APT 28 observed leveraging a technique dubbed the “nearest neighbor attack” to breach a Washington, DC-based company...
Decorative Featured Image

Security Intelligence

Salt Typhoon unleashes ‘GhostSpider’ on telecoms

Salt Typhoon observed deploying a new backdoor called ‘GhostSpider’ in its ongoing campaign targeting telecommunication...
Decorative Featured Image

Security Intelligence

A RomCom you don’t want to see…on your network.

Russia-aligned threat group RomCom exploits recent vulnerabilities in Firefox and Windows to deploy self-titled...
Decorative Featured Image

Security Intelligence

Apple issues emergency patch for RCE and CSS zero-days

Apple releases emergency security updates to address two critical zero-day vulnerabilities exploited in attacks...