APT28 Reemerges with Modern Espionage Arsenal, Code Tied to 2010s Operations
The modern Sednit arsenal is centered on two highly developed implants, deployed systematically in tandem to ensure persistent access.
It's a beautiful day in the neighborhood for hacking! Come along on a magical adventure as Mr. Decipher teaches you about the dangers of brute-force attacks!
Out of 42 unique zero days tracked by Google in 2025, 18 were attributed to CSVs, while 15 were linked to state-sponsored espionage groups.
The comprehensive effort, which involved seizing 330 active domains, cuts off a critical pipeline for account takeovers that targeted over 500,000 organizations and sent tens of millions of fraudulent emails monthly.
Without context, the KEV catalog is just a very large collection of data. Tod Beardsley is the former CISA KEV section chief, and he recently released a paper called KEVology that provides key context and evaluates the value of certain enrichment signals.
Cisco released software updates on Feb. 25 to fix the vulnerability, which affects both on-premises and cloud deployments of the Catalyst SD-WAN Controller.