On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
BlackByte is a ransomware strain operated under the Ransomware-as-a-Service (RaaS) model that emerged in July 2021. Early versions of the ransomware were developed in C#, while later iterations were ...
Malware campaigns targeting Latin America (LATAM) are evolving. While the final payloads, often commodity RATs like XWorm, remain consistent, delivery mechanisms are becoming increasingly ...
GoExec is a new take on some of the methods used to gain remote execution on Windows devices. GoExec implements a number of largely unrealized execution methods and provides significant OPSEC ...
This is Part 2 of our two-part technical analysis on the Gopher Strike and Sheet Attack campaigns. For details on the Gopher Strike campaign, go to Part 1. Introduction: In September 2025, Zscaler ...
About time: Microsoft introduced support for the RC4 stream cipher in Windows 2000 as the default authentication algorithm for the Active Directory services. The system has been insecure for even ...
Microsoft is killing off an obsolete and vulnerable encryption cipher that Windows has supported by default for 26 years following more than a decade of devastating hacks that exploited it and ...
Update as of 2/4/2026: Details on the Windows Update rollout strategy added. As organizations face an evolving threat landscape, strengthening Windows authentication is more critical than ever. The ...
ESET researchers have identified new MuddyWater activity primarily targeting organizations in Israel, with one confirmed target in Egypt. MuddyWater, also referred to as Mango Sandstorm or TA450, is ...
This research from Bitdefender Labs details a cluster of malicious activity we've been tracking since mid-2024. It uncovers a new threat actor group we’ve named Curly COMrades, operating to support ...
In 2024, ESET researchers discovered several malicious tools in the systems used by Kurdish and Iraqi government officials. The APT group behind the attacks is BladedFeline, an Iranian threat actor ...