Tag: reconnaissance

Attack reports, vulnerabilities, indicators and intrusion sets linked to reconnaissance.

Attack reports (24)

• Beast Ransomware Toolkit: A Proactive Threat Intelligence Report · Published 20/03/2026 08:12 · Modified 20/03/2026 08:46
• MuddyWater Exposed: Inside an Iranian APT operation · Published 05/03/2026 15:18 · Modified 05/03/2026 15:50
• Critical Vulnerabilities in Ivanti EPMM Exploited · Published 18/02/2026 02:31 · Modified 18/02/2026 12:10
• New Clickfix variant 'CrashFix' deploying Python Remote Access Trojan · Published 05/02/2026 20:01 · Modified 05/02/2026 21:07
• I scan, you scan, we all scan for... knowledge? · Published 23/01/2026 00:03 · Modified 23/01/2026 10:02
• Operation Nomad Leopard: Targeted Spear-Phishing Campaign Against Government Entities in Afghanistan · Published 20/01/2026 08:51 · Modified 20/01/2026 09:09
• Teams Social Engineering Attack: Threat Actors Impersonate IT to Steal Credentials via … · Published 03/12/2025 09:29 · Modified 21/12/2025 18:18
• ViewState Deserialization Zero-Day Vulnerability in Sitecore Products (CVE-2025-53690) · Published 04/09/2025 17:54 · Modified 04/09/2025 21:45
• CTI Analysis: Malicious Email Campaign · Published 02/09/2025 08:58 · Modified 02/09/2025 09:43
• TOATH Campaign Exploits End-of-Support Software to Target Traditional Chinese Users and Dissidents · Published 28/08/2025 14:51 · Modified 28/08/2025 15:34
• Analyzing LAMEHUG · Published 24/08/2025 11:22 · Modified 25/08/2025 11:02
• New Arsenal: LAMEHUG, the First AI-Powered Malware · Published 07/08/2025 11:20 · Modified 07/08/2025 22:22
• SharePoint Zero-Day Exploit (ToolShell) - Network Infrastructure Mapping · Published 02/08/2025 10:18 · Modified 04/08/2025 09:19
• KongTuke FileFix Leads to New Interlock RAT Variant · Published 15/07/2025 08:57 · Modified 15/07/2025 09:46
• Follow the Smoke | China-nexus Threat Actors Hammer At the Doors of … · Published 10/06/2025 08:22 · Modified 10/06/2025 09:16
• TA406 Pivots to the Front · Published 13/05/2025 21:01 · Modified 21/05/2025 19:38
• Post-Exploitation Activities Observed from the Samsung MagicINFO 9 Server Flaw · Published 10/05/2025 13:03 · Modified 12/05/2025 08:46
• South Korean Organizations Targeted by Cobalt Strike 'Cat' Delivered by a Rust … · Published 18/03/2025 20:59 · Modified 19/03/2025 09:34
• Credit Card Skimmer and Backdoor on WordPress E-commerce Site · Published 15/03/2025 07:22 · Modified 17/03/2025 10:08
• Play Ransomware impersonates SentinelOne for stealth recon · Published 17/01/2025 15:07 · Modified 17/01/2025 15:23
• Araneida Scanner: Cracked Acunetix Web App & API Scanner Discovered · Published 20/12/2024 08:49 · Modified 20/12/2024 11:42
• Analysis of Cyber Reconnaissance Activities Behind APT37 Threats · Published 06/11/2024 11:12 · Modified 06/11/2024 11:35
• Threat actors use ChatGPT to write malware · Published 14/10/2024 10:23 · Modified 14/10/2024 10:47
• Suspicious DNS Probing Operation Amplified · Published 06/06/2024 07:41 · Modified 06/06/2024 08:07