APT28 Reemerges with Modern Espionage Arsenal, Code Tied to 2010s Operations
The modern Sednit arsenal is centered on two highly-developed implants, deployed systematically in tandem to ensure persistent access.
Every day is zero-day, and this week we talked about the new Google Threat Intelligence Group report on the zero-day exploit landscape in 2025 (2:22) and who's exploiting what, then we discussed Microsoft's disruption of the Tycoon 2FA cybercrime operation (9:51), and finally we talked about the KEVology report from runZero and our […]
Out of 42 unique zero-days tracked by Google in 2025, 18 were attributed to commercial surveillance vendors (CSVs), while 15 were linked to state-sponsored espionage groups.
Without context, the KEV catalog is just a very large collection of data. Tod Beardsley is the former CISA KEV section chief, and he recently released a paper called KEVology that provides key context and evaluates the value of certain enrichment signals.
Cisco released software updates on Feb. 25 to fix the vulnerability, which affects both on-premises and cloud deployments of the Catalyst SD-WAN Controller.
In a parallel Tuesday announcement, the Treasury Department also sanctioned the exploit broker network that had acquired the tools.