Security Intelligence

Application consent attacks: Patterns, detection, and mitigation

Field Effect has seen a surge in application consent attacks in the first quarter of 2024. Here's what that means and...

Security Intelligence

One-day, n-day, and zero-day vulnerabilities explained

Field Effect explains the difference between zero-day and one-day vulnerabilities, and how to prevent them from being...

Security Intelligence

4 lessons MSPs can learn from the ScreenConnect vulnerabilities

Discover what we learned from analyzing the ScreenConnect vulnerabilities, and how MSPs can use this information to...

Security Intelligence

Hackers observed abusing open redirect scripts in recent phishing campaign

Field Effect has detected a limited and brief phishing campaign that takes advantage of misconfigurations in...

Security Intelligence

Melting an IcedID sponsored Google ad for trojanized Webex download file

Field Effect security intelligence analysts were recently alerted to an incident in which IcedID malware was detected...

Security Intelligence

New Fortinet vulnerability allows RCE without authentication

Learn about a CVE-2023-27997 which affects Fortinet devices with SSL-VPN components, and can allow remote code...

Security Intelligence

MOVEit Transfer zero-day vulnerability: A golden opportunity for threat actors

Take a deep dive into the MoveIT Transfer zero-day vulnerability with Field Effect's analysts, and learn more about...

Security Intelligence

What you should know about the new .zip and .mov TLDs

Several new TLDs have become available, two (.zip and .mov) introduce additional risk.