As if IoT & OT aren't hard enough to defend, we dive into five critical vulnerabilities in Microsoft Defender for IoT that leave the door wide open.
Chinese threat actor Scarab is targeting Ukrainian organizations. In this report, we share technical details and IOCs on attacks over the past two years.
In the next part of our series on reversing macOS malware, we dig into identifying reused code across malware samples for hunting and detection.
How we used Brick to discover six different vulnerabilities affecting HP laptops' firmware
In Part 5 of our ongoing series on UEFI security research, we dive into the fascinating world of hunting and exploiting SMM vulnerabilities.
A new malware is attacking Ukrainian organizations and erasing Windows devices. In this early analysis, we provide technical details, IOCS and hunting rules.
What really happened to Evil Corp after the OFAC sanctions? Did they cut and run, or are they still operating with impunity?
Threat actor exploits Log4j2 vulnerabilities to drop PowerShell backdoors, harvest credentials, and communicate via legitimate services.
A previously unreported threat actor has been targeting civil society for over a decade. Read about how it operates and its relationships to other threats.
Learn how to dive into JIT compilers in JavaScript engines and follow along as we find a new set of exploit primitives in this previously patched bug.
