Since April 2024, the Marbled Dust threat actor has exploited a zero-day vulnerability (CVE-2025-27920) in the Output Messenger application to deliver malicious files and exfiltrate data from targets in Iraq, primarily associated with the Kurdish military. Microsoft Threat Intelligence recommends updating Output Messenger and provides detailed detection and mitigation guidance to combat this advanced espionage campaign. #MarbledDust #OutputMessenger
Tag: XDR

RansomHub’s Python backdoor infrastructure led to the discovery of an offensive tool named Eye Pyramid, which has been linked to multiple ransomware operations and associated

The ByBit crypto exchange suffered a massive theft of 400,000 ETH attributed to North Korea’s TraderTraitor group. Leveraging supply chain attacks and malicious Python scripts,

This article discusses the vulnerabilities in Digital Forensics and Incident Response (DFIR) procedures regarding malicious machine learning models. Existing tools often fail to recognize ML

This year’s RSA 25 features increased enthusiasm for Cisco, shown by a significant rise in attendees and advancements in AI security technology. Craig Connor highlights

Cisco has unveiled groundbreaking advancements in XDR at RSA 2025, showcasing agentic AI capabilities that automate investigation processes and enhance user experience for both security

The Hannibal Stealer is a new variant of information-stealing malware that targets various online services and sensitive data. Developed in C# and operating on the

Microsoft Defender XDR is a comprehensive cybersecurity solution that integrates data from various sources to improve threat detection, response times, and forensic investigations. It offers

This article discusses the ClickFix technique used by adversaries to deliver malware, particularly highlighting its association with the Lumma Stealer. The ClickFix method involves social