Fortgale Blog » Emerging Threats Emerging Threats

January 16, 2020 ·Emerging Threats

Red Teaming Series — Armitage

Armitage in offensive security operations: post-exploitation workflows, Metasploit collaboration, lateral movement and defensive lessons for SOC teams.

Read the analysis

January 15, 2020 ·Emerging Threats

ALERT — Microsoft cryptography systems vulnerability

CVE-2020-0601 (CurveBall): Microsoft Windows certificate validation vulnerability, exploitation primitives, NSA disclosure and remediation steps.

Read the analysis

January 12, 2020 ·Emerging Threats

ALERT — Vulnerability in Citrix ADC (NetScaler)

Critical Citrix ADC/NetScaler vulnerability: exploitation primitives, exposure metrics on Italian perimeters and remediation steps for affected appliances.

Read the analysis

January 25, 2019 ·Emerging Threats

Phishing — January 2019 attacks

Phishing campaigns observed during January 2019: lure templates, payload delivery and indicators across waves targeting Italian organisations.

Read the analysis

January 11, 2019 ·Emerging Threats

TrickBot infection of January 2019

TrickBot is a banking-trojan malware that steals the login credentials of targeted banking sites using webinjects. Since June 2018 TrickBot features lateral movement capabilities in order to propagate itself from an infected client to a vulnerable domain controller. TrickBot Screenshots TrickBot Indicators Of Compromise (IOCs)

Read the analysis

December 31, 2018 ·Emerging Threats

Compromise and Mining — Detection & Response

Cryptomining as a post-compromise objective: indicators on Linux and Windows endpoints, persistence techniques, network signals and containment workflow.

Read the analysis

December 14, 2018 ·Emerging Threats

Hybrid Cyber Warfare between Russia and Ukraine — Italy among the targets

Russia-Ukraine cyber conflict: spillover operations on Italian organisations, attribution signals, defacement and DDoS waves, intelligence-driven defence priorities.

Read the analysis

December 11, 2018 ·Emerging Threats

Today’s NATO event invitation used by a gang of cybercriminals

Among the cyber attacks recorded daily, there are some of more sophisticated nature. They are called Advanced Persistent Threats (APTs). These threats, among which some are state-sponsored, appear to be part of a Cyber Warfare scenario. Yet, they are as real as they can get and target specific information, such as company know-how, personal information or bank transactions. A team of analysts with appropriate … Read more

Read the analysis

December 5, 2018 ·Emerging Threats

APT28 leverages the NATO event

APT28 (Fancy Bear) timing operations around NATO events: spearphishing lures, fake credential portals, payload delivery patterns and attribution signals.

Read the analysis

Cookie	Duration	Description
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.

Cookie & Privacy