Blog, News & Press Releases - Field Effect

Security Intelligence

Threat actors poison Homebrew with AmosStealer

Threat actors observed abusing Google ads, impersonating Homebrew to trick users into installing AmosStealer.

Security Intelligence

Oracle patches over 300 vulnerabilities in annual multi-product update

Oracle releases updates for over 300 vulnerabilities affecting many of its products and services.

Security Intelligence

Microsoft Teams abused by Black Basta affiliates

Separate threat actors abuse Microsoft Teams to initiate chats and meetings with internal users to deploy malware.

Security Intelligence

U.S. issues sanctions for attack on Treasury and communications providers

The U.S. Treasury sanctions Chinese cybersecurity company and a Shanghai-based individual for their involvement in a...

Security Intelligence

Russian hackers target Ukrainian WhatsApp accounts in clever campaign

FSB observed impersonating U.S. government officials to gain access to WhatsApp accounts belonging to Ukrainians.

Security Intelligence

Six vulnerabilities found in Rsync file synchronization tool

Vulnerabilities discovered in popular file synchronization tool Rsync that could lead to remote code execution.

Security Intelligence

U.S. Treasury sanctions North Korea’s IT warriors

The U.S. Treasury imposes sanctions on two individuals and four entities linked to fraudulent North Korean IT workers...

Security Intelligence

Grixba’s disguise: Play Ransomware impersonates SentinelOne for stealth recon

Field Effect security intelligence analysts discover new IoCs and TTPs associated with Grixba, Play ransomware group's...

Security Intelligence

Fortinet fiasco: Rookie threat actor leaks creds for 15,000 devices

The Belsen Group has leaks configuration files, IP addresses, and VPN credentials for over 15,000 Fortinet devices.

Security Intelligence

FBI ‘unplugs’ Chinese malware from thousands of infected machines

FBI successfully concludes court-authorized operation to delete PlugX malware from 4,250 infected hosts.

Security Intelligence

‘Codefinger’ encrypts S3 buckets using AWS’s own encryption feature

Codefinger encrypts Amazon S3 buckets and demands a ransom in exchange for the decryption key.

Security Intelligence

Russian ISP Nodex destroyed by pro-Ukraine hackers

Network of Russian ISP Nodex destroyed by pro-Ukraine hackers.

Security intelligence (3)

Threat actors poison Homebrew with AmosStealer

Oracle patches over 300 vulnerabilities in annual multi-product update

Microsoft Teams abused by Black Basta affiliates

U.S. issues sanctions for attack on Treasury and communications providers

Russian hackers target Ukrainian WhatsApp accounts in clever campaign

Six vulnerabilities found in Rsync file synchronization tool

U.S. Treasury sanctions North Korea’s IT warriors

Grixba’s disguise: Play Ransomware impersonates SentinelOne for stealth recon

Fortinet fiasco: Rookie threat actor leaks creds for 15,000 devices

FBI ‘unplugs’ Chinese malware from thousands of infected machines

‘Codefinger’ encrypts S3 buckets using AWS’s own encryption feature

Russian ISP Nodex destroyed by pro-Ukraine hackers

Get the Field Effect newsletter.